SAP Security and GRC Access Control Specialist

NOVIPRO is a specialized consulting firm in digital transformation and cybersecurity, supporting Canadian organizations in identifying and securing top-tier technical talent. We are currently recruiting on behalf of a major organization in the manufacturing sector to fill a critical role in SAP Security and GRC Access Control.

• 
  

  Title: SAP Security and GRC Access Control Specialist



• 
  

  Contract Duration: 6 months

  
  


• 
  

  Workload: 35 hours per week

  
  


• 
  

  Work Arrangement: 100% remote within Canada (Eastern Time Zone)

  
  


• 
  

  Employment Type: Contract

  
  


• 
  

  Citizenship/Work Authorization: Must be legally authorized to work in Canada

  
  

Responsibilities

• 
  

  Administer and govern user access, role assignments, and authorization structures across multiple SAP landscapes, including ECC, S/4HANA, BW, and Fiori-based environments.

  
  


• 
  

  Design, build, and maintain SAP security roles in alignment with Segregation of Duties (SoD) principles and least-privilege access models.

  
  


• 
  

  Operate and optimize SAP GRC Access Control modules—Access Risk Analysis (ARA), Emergency Access Management (EAM), Business Role Management (BRM), and Compliant User Provisioning (CUP).

  
  


• 
  

  Configure and maintain risk analysis rules, access request workflows, and emergency access procedures.

  
  


• 
  

  Collaborate with cross-functional teams including business process owners, internal audit, and IT security teams to define and uphold access governance policies.

  
  


• 
  

  Perform periodic reviews of sensitive access and critical authorizations; analyze SAP security audit logs and address identified anomalies.

  
  


• 
  

  Support project delivery involving SAP role redesign, access remediation, or user migration during system upgrades or corporate acquisitions.

  
  


• 
  

  Enhance and document SAP security standards, methodologies, and internal control frameworks to ensure continued compliance with regulatory mandates (e.g., SOX, GDPR).

  
  

Required experience and expertise

• 
  

  Over 10 years of overall experience in cybersecurity, with a strong emphasis on enterprise-level identity and access governance.

  
  


• 
  

  5 to 10 years of direct experience in SAP security administration and GRC Access Control, including role design, SoD mitigation, and SAP security audits.

  
  


• 
  

  Expertise in SAP S/4HANA authorization models, including Fiori tile/group/catalog management and HANA database-level privileges.

  
  


• 
  

  Proven participation in SAP S/4HANA implementation or migration projects, with a focus on role architecture and access provisioning.

  
  


• 
  

  Strong proficiency in SAP authorization frameworks (PFCG, SU01, SUIM, ST01), user lifecycle management, and custom role modeling.

  
  


• 
  

  Hands-on experience with SAP GRC Access Control, particularly the ARA (Access Risk Analysis) and EAM (Emergency Access Management) modules.

  
  


• 
  

  Solid understanding of compliance and control standards such as SOX, GDPR, and ITGC.

  
  


• 
  

  Ability to work in a globally distributed, multicultural environment, adapting to cross-functional collaboration and remote coordination.

  
  

Assets:

• 
  

  SAP Certifications such as:

  
  
  
  
  • 
    

    SAP Certified Technology Associate – System Security Architect

    
    
  
  
  • 
    

    SAP Certified Associate – GRC Access Control