SAP GRC/Security Consultant

Job Title: SAP GRC/Security Consultant
Company: Turnkey Consulting
Location: United States (Considering candidates in any US location)

About Turnkey Consulting
Turnkey Consulting is a leading advisory and implementation organization with deep expertise in risk management, governance, and compliance & security. Having the ability to provide end-to-end solutions that integrate technology, process, and people. Our business started within the SAP ecosystem, however expansion into being an agnostic partner, now gives us a wider range of solutions to support our customers, while securing their wider estate. Turnkey Consulting helps businesses optimize their risk management, security and compliance programs, protect against Cyber threats, reduce costs, and improve their operational efficiency. With a team of seasoned risk professionals and a commitment to excellence, we empower businesses to proactively protect their critical assets and stay ahead of evolving threats.

Job Summary

The candidate will play a key role in handling client engagements, as well as utilizing strong technical experience to find solutions that best fit our clients’ needs. We are looking for a team-player and strong all-rounder with at least 2 implementations and 2 years of practical experience in the following areas

• Detailed understanding of the SAP authorization concept in one or more of the following areas: ECC, SAP S/4 HANA, HCM, CRM, SRM, BW, BI, BPC, SAP HANA 


• Experience of designing, building and implementing SAP security and authorization solutions


• Exposure to various system user interfaces (UI), including SAP but also other relevant SaaS products  


• Detailed understanding of SAP GRC suite of applications, with a demonstrable specialism in core modules contained within (ideally v12 onward)


• Experience of IDM solutions, either SAP’s IDM solution, or non-SAP, such as SailPoint or Saviynt would be of advantage. 


• Experience of third-party solutions to secure SAP estates also an advantage 


• Experience of SAP Fiori catalogs, groups, pages and spaces


• Experience of SAP IAG solutions would be an advantage, both IAS and IPS

Our experienced consultants are a key driver of our success as one of the most trusted names in the end-to-end security arena and we are committed to delivering to a consistently high standard. Key responsibilities of the role are: 

• Task management of large / complex implementations, especially in Application security or enterprise risk/identity projects 


• Implementation of GRC technology and supporting modules 


• Work with clients to understand "why" they're in need of such solutions, define requirements and configure solutions to best fit those needs 


• Perform controls and configuration reviews involving relevant application systems and processes 


• Advise clients on controls in their enterprise systems relating to regulatory or legislative compliance 


• Review and advise on security redesign and remediation projects 


• Provide a broader range of information risk management solutions to clients as required 


• Build relationships with new clients and maintain good relations with our existing client base 


• Integrate solutions into wider cybersecurity controls estates 

We are looking ideally for someone with the following attributes:

• The ability to troubleshoot and diagnose problems / issues and provide prompt, robust resolution 


• An enquiring mind to discover "why" clients need to introduce the controlling measures.


• The ability to manage projects within varied client engagements and lead reviews and implementations 


• Knowledge of corporate business processes and their control points 


• Good understanding of various IT regulations and standards, including: Sarbanes Oxley, COBIT, ISO series & the GDPR 


• Bachelor’s degree 


• Professional certification (e.g. CISA, M.Inst.ISP, CISSP, ISO) 


• SAP certification (Security, GRC) 


• Consulting background 


• Strong written and verbal communication skills 


• Integration experience 


• Ability to act as an SME to install, design, engineer and configure security solutions to meet client needs


• Ability to effectively manage own time and priorities effectively and to work both as part of a team and individually.


• Able to communicate technical and functional requirements to both the business and IT

Key responsibilities of the role will include:

• Project manage large / complex SAP Security implementations, especially for S/4 HANA projects


• Implementation of GRC Access Controls and supporting modules


• Work with clients to understand requirements and configure solutions to best fit those needs


• Perform controls and configuration reviews involving SAP systems


• Advise clients on controls in SAP relating to regulatory or legislative compliance


• Review and advise on SAP security redesign and remediation projects


• Provide a broader range of information risk management solutions to clients as required


• Build relationships with new clients and maintain good relations with our existing client base


• Integrate solutions into wider cybersecurity controls estates

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class. When we collect your personal information as part of a job application or offer of employment, we do so in accordance with industry standards and best practices and in compliance with applicable privacy laws.