SAP Security Analyst

Position Summary

The SAP Security Analyst supports the implementation, maintenance, and continuous improvement of SAP security policies, controls, and access management processes. This role ensures the integrity, confidentiality, and availability of organizational data across SAP systems. Working under the mentorship of senior analysts, the SAP Security Analyst performs increasingly complex tasks with growing independence and collaborates closely with technical and functional teams to maintain a secure and compliant SAP environment.

Essential Functions & Responsibilities

• Supports project planning and delivery activities in partnership with senior security analysts and development teams.
• Reviews, grants, modifies, and revokes SAP user access in alignment with least-privilege principles and organizational security policies.
• Conducts recurring security audits, monitors logs for suspicious activity, and assists in investigating potential vulnerabilities or unauthorized access.
• Documents security configurations, access controls, and incident response procedures to support compliance and audit readiness.
• Collaborates with development and delivery teams to create authorization objects, validate security design, and ensure adherence to security standards.
• Provides production support including password resets, role updates, access provisioning, and troubleshooting security-related issues.
• Participates in end-to-end testing and go-live activities for SAP implementation and enhancement projects.
• Works with cross-functional teams to investigate and resolve issues impacting SAP security and system performance.
• Offers guidance to junior team members and contributes to knowledge sharing within the security team.
• Stays current on SAP security enhancements, emerging threats, and industry best practices.
• Adheres to all certified processes and information security standards.

Minimum Requirements

• Certificate or coursework in MIS, Computer Science, Information Systems, IT, Cybersecurity, or related technical field.
• 2–4 years of experience in SAP security, IT security, access management, or related technical support roles.
• Foundational understanding of SAP authorization concepts, roles, profiles, and user administration.
• Ability to obtain and maintain a U.S. government security clearance (U.S. Citizenship required).
• Strong analytical and problem-solving skills with high attention to detail.
• Excellent written and verbal communication skills with the ability to collaborate across technical and functional teams.
• Ability to work independently in a fast-paced, dynamic environment while maintaining high quality and accuracy.
• Strong organizational skills with the ability to manage multiple tasks and priorities.
• Ability to travel up to 25%, varies depending on client needs. 

Nice to Haves

• Experience with SAP ECC or S/4HANA security concepts, including Fiori authorization design.
• Familiarity with SAP GRC Access Control (ARA, ARM, BRM, EAM).
• Exposure to segregation-of-duties (SoD) analysis and remediation.
• Experience supporting audits or compliance frameworks (SOX, NIST, ISO 27001).
• Understanding of cybersecurity principles, identity and access management (IAM), or general IT controls.
• Experience with data visualization or reporting tools (e