BR

SAP Security Engineer (GRC – Technical)

Job summary

Allen
Engineering

Work model

Fully remote
Only US
1 week ago
Job description

Bright Vision Technologies is a forward-thinking software development company dedicated to building innovative solutions that help businesses automate and optimize their operations. We leverage cutting-edge technologies to create scalable, secure, and user-friendly applications.

As we continue to grow, we're looking for a skilled SAP Security Engineer (GRC – Technical) to join our dynamic team and contribute to our mission of transforming business processes through technology.

This is a fantastic opportunity to join an established and well-respected organization offering tremendous career growth potential.

Position Details

  • Location: 100% Remote (Continental United States)
  • Position Type: In-house Bright Vision Technologies SOW engagement (no third-party client or vendor)
  • Experience: 5+ years
  • Salary: 100k - 150k
  • Employment Type: Full-time, direct W2 with Bright Vision Technologies (no C2C, no 1099, no third-party)
  • Engagement: Long-term, multi-year, aligned to the Bright Vision SOW delivery roadmap

Employment Terms & Visa Policy

This is a 100% remote, full-time, direct W2 position with Bright Vision Technologies. This role is part of Bright Vision Technologies' in-house Statement of Work (SOW) engagement. The client, end customer, and employer for this position is Bright Vision Technologies --- there is no third-party client, vendor, or implementation partner involved.

We do not engage in C2C, 1099, or third-party arrangements for this role.

STRICTLY NO C2C/1099/3RD PARTY COMPANIES. ALL OUR ROLES ARE W2 AND NO 3RD PARTY BROKERING PLEASE. Candidates must be willing to work directly as a full-time W2 employee of Bright Vision Technologies and contribute to our in-house SOW deliverables.

No new H1B sponsorship is available for this role. However, candidates who are currently on a valid H1B visa and require a transfer are welcome to apply. We will support H1B transfers for qualified candidates. For every role, a technical coding assessment is mandatory.

Job Summary

We are seeking an experienced SAP Security and GRC (Governance, Risk, and Compliance) Engineer to design, implement, and operate security and access-control frameworks for complex SAP landscapes, including S/4HANA, ECC, BW/4HANA, Fiori, BTP, and SuccessFactors. In this role you will be responsible for SAP role design, user provisioning, segregation-of-duties analysis, audit support, and the technical operation of SAP GRC suites. The ideal candidate will combine deep expertise in SAP authorization concepts with strong hands-on experience operating SAP GRC Access Control and Process Control, and will partner closely with audit, compliance, and business teams to deliver a secure, auditable SAP environment.

Key Responsibilities

  • Design and maintain SAP authorization concepts and role structures aligned with business processes and least-privilege principles
  • Build and maintain master, derived, composite, and business roles for S/4HANA, ECC, and Fiori applications
  • Configure and operate SAP GRC Access Control (ARA, ARM, BRM, EAM), including ruleset management, mitigating controls, and emergency access management
  • Perform segregation-of-duties analysis and remediation in collaboration with business process owners and internal audit
  • Configure user provisioning workflows in SAP GRC ARM, including request types, approval paths, and integration with IDM/IAM platforms
  • Operate SAP GRC Process Control for continuous controls monitoring and policy management
  • Implement security for Fiori applications, including catalogs, groups, and front-end authorizations
  • Configure and operate security for SAP BTP and cloud applications using XSUAA, IAS, and IPS
  • Support SAP audits (SOX, GxP, PCI) and respond to audit findings with documented remediation plans
  • Implement transport security, table logging, and audit logging in line with internal security policies
  • Monitor and remediate SAP Security Notes in coordination with Basis and DBA teams
  • Maintain comprehensive, current technical documentation --- including architecture diagrams, design decisions, configuration references, runbooks, and operational procedures
  • Mentor junior team members and support knowledge transfer across the security team

Required Qualifications

  • Bachelor's degree in Computer Science, Engineering, or a related technical discipline
  • Five or more years of SAP Security / GRC experience in enterprise landscapes
  • Strong hands-on experience with SAP authorization concepts and role design
  • Deep experience operating SAP GRC Access Control (ARA, ARM, BRM, EAM)
  • Experience supporting SAP audits and remediation activities
  • Hands-on experience securing Fiori, BTP, and cloud SAP applications
  • Familiarity with SAP IDM or third-party IGA tooling
  • Working knowledge of SAP Process Control
  • Strong understanding of regulatory frameworks such as SOX, GxP, and PCI
  • Excellent communication and documentation skills

Preferred Qualifications

  • SAP-certified Security or GRC credentials
  • Experience with SAP Cloud Identity services (IAS, IPS) and SCIM-based integrations
  • Familiarity with HANA security and analytic privileges
  • Experience with continuous controls monitoring frameworks
  • Exposure to SAP RISE / Grow security operating models

How To Apply

For immediate consideration, please send your resume to [email protected] or contact us at (908) 676-4399. Learn more about Bright Vision Technologies at www.bvteck.com.

Bright Vision Technologies is an Equal Opportunity Employer, including Disability/Veterans.