SAP Security with GRC Specialist C2C jobs in Northern Virginia

Job title: SAP Security with GRC Specialist
Location: Northern Virginia, VA (Onsite)
Duration: Contract

Job Description:
Position Overview

We are seeking an experienced SAP Security with GRC (Governance, Risk, and Compliance) Specialist to join our team supporting a large-scale government implementation in Northern Virginia. The ideal candidate
will be responsible for implementing, maintaining, and optimizing SAP security frameworks and GRC solutions to ensure compliance with regulatory requirements and organizational policies.

Key Responsibilities

SAP Security Management:

Design, implement, and maintain SAP security architecture across multiple SAP modules (ECC, S/4HANA, BW, CRM, etc.)
Manage user access provisioning, role-based access control (RBAC), and authorization concepts Perform security assessments, vulnerability analysis, and risk mitigation strategies
Monitor and maintain SAP security configurations and segregation of duties (SoD)
Implement and maintain Single Sign-On (SSO) solutions and identity management integration 
GRC Implementation & Management:

Configure and administer SAP GRC Access Control (AC) module for continuous compliance monitoring
Implement and maintain SAP GRC Process Control (PC) for internal controls automation
Manage SAP GRC Risk Management (RM) for enterprise risk assessment and mitigation
Conduct access risk analysis and remediation activities
Develop and maintain compliance reports and dashboards
Compliance & Audit Support:

Ensure compliance with government security standards (FISMA, FedRAMP, NIST)
Support internal and external audit activities by providing security documentation and evidence
Develop and maintain security policies, procedures, and documentation in accordance with government requirements
Perform periodic access reviews and certification campaigns
Coordinate with government stakeholders for compliance requirements
Technical Implementation:

Configure authorization objects, roles, and profiles in SAP systems
Implement security transport management and change control processes
Integrate GRC solutions with SAP and non-SAP systems
Troubleshoot security-related issues and provide technical support
Participate in SAP system upgrades and ensure security configurations are maintained
 

Required Qualifications
Technical Skills:

Bachelor’s degree in Information Technology, Computer Science, or related field
5+ years of experience in SAP Security and GRC implementations
Strong knowledge of SAP authorization concepts (PFCG, SU01, SU53, etc.)
Experience with SAP GRC Access Control 10.x/12.x configuration and administration
Proficiency in SAP GRC Process Control and Risk Management modules
Understanding of SAP basis administration and system landscape
Knowledge of ABAP for security-related customizations
Experience with SAP identity management solutions (IDM/IPS)
Compliance & Security:

Strong understanding of SOX compliance requirements and controls
Knowledge of government compliance requirements (FISMA, FedRAMP, NIST frameworks)
Experience with public sector security protocols and procedures
Understanding of government audit requirements and documentation standards
Understanding of risk management principles and methodologies
Professional Skills:

Excellent analytical and problem-solving abilities
Strong communication and documentation skills
Ability to work with cross-functional teams and business stakeholders
Project management experience preferred
Relevant certifications (SAP Security, GRC, CISSP, CISA) are a plus
Preferred Qualifications

SAP S/4HANA security implementation experience
Experience with cloud-based SAP solutions (SAP Cloud Platform, SuccessFactors)
Knowledge of integration technologies (SAP PI/PO, CPI)
Experience with automated provisioning and workflow solutions
Previous experience in government or public sector environments
Active security clearance (Secret/Top Secret) strongly preferred
Experience with federal compliance frameworks and audit processes