SAP Security Analyst/Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Johnson Technology Systems, Inc. (JTSi) · 2 months ago

SAP Security Analyst/Engineer

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date5+ years exp

Johnson Technology Systems, Inc. (JTSi) is a federal government consulting firm providing technical services to various agencies. They are seeking an SAP Security Analyst/Engineer to design roles and authorizations, administer access and SoD controls, and ensure compliance across SAP systems while collaborating with audit and business teams.

Business DevelopmentConsultingEnterprise Resource Planning (ERP)Information TechnologyIT ManagementManagement ConsultingSoftware
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Design, build, and maintain role based access and authorization concepts across ECC or S/4HANA, BW/4HANA, SAP PI/PO, Solution Manager, and BusinessObjects, with scalable patterns for business roles
Administer user provisioning, deprovisioning, access reviews, and SoD analysis; define mitigating controls and custom authorizations when necessary
Create and maintain roles, profiles, and authorization objects; manage transports and promote changes through QA to production per change control
Implement and operate SAP GRC Access Control (ARA, ARM, EAM, BRM) for request, approval, firefighter, and ruleset governance
Govern HANA security including analytic privileges and role design for developers, modelers, DBAs, and end users
Support SAP project lifecycles (blueprint, testing, cutover, go live) and system upgrades with security design, testing, and remediation
Integrate SAP security with enterprise IAM and SSO; coordinate identity lifecycle and role mappings with central directories
Monitor and respond to security events; integrate with SIEM and vulnerability management to detect anomalies and drive remediation
Conduct periodic risk assessments, internal audits, and evidence collection
Provide production support and root cause analysis for authorization failures; deliver training and knowledge transfer to end users and support teams
Maintain documentation for security designs, rulesets, procedures, and change records aligned to internal policies and external standards

Qualification

SAP SecurityGRC Access ControlS/4HANAHANA DB securitySoD risk analysisIAM integrationCommunication skillsDocumentation skillsCollaboration skills

Required

Bachelor's degree in information security, Computer Science, Information Systems, or related field, or equivalent experience
5–8+ years in SAP Security with deep knowledge of role design, profiles, authorization objects, and SoD risk analysis
Hands on experience with S/4HANA or ECC, HANA DB security, and at least one reporting/analytics platform (e.g., BW/4HANA or BusinessObjects)
Proficiency with SAP GRC Access Control and familiarity with SAP IDM and SSO patterns
Strong communication, documentation, and cross functional collaboration skills with audit and business stakeholders

Preferred

Understanding of security frameworks and ITGCs such as ISO 27000, NIST 800, and COBIT
Experience with BRF+ and MSMP configuration in GRC, and complex access workflows
Background in upgrades, OS/DB or HANA migrations, and large multi system landscapes
Exposure to Security Bridge or similar SAP vulnerability/patch monitoring solutions
Familiarity with Fiori role design alongside classic authorization concepts

Company

Johnson Technology Systems, Inc. (JTSi)

twittertwitter
company-logo
Established in 2003, JTSi is an IT & Engineering Services provider with years of documented experience in the Information Technology and Engineering services field.
dateFounded in 2003
location
Reston, Virginia, USA
people-size51-200 employees
web-link
http://www.jtsusa.com/

Funding

Current Stage
Growth Stage
Company data provided by crunchbase