SAP GRC Consultant- Mumbai

Location: Andheri Mumbai

Position Overview

We are seeking a highly skilled SAP S/4HANA Security & GRC Consultant with 6–8 years of experience, preferably in the utility business sector. The role is critical in ensuring the confidentiality, integrity, and availability of SAP S/4HANA systems, protecting sensitive business data, and maintaining compliance with regulatory and organizational security standards.

The ideal candidate should possess deep expertise in SAP Governance, Risk, and Compliance (GRC) and hands-on experience in SAP Security design, implementation, and monitoring, along with strong collaboration skills to work across technical and business teams.

Key Responsibilities

1. Security Design & Implementation

• Develop, design, and implement security strategies for SAP S/4HANA in the utility domain.

• Configure and maintain role-based access controls (RBAC), authorizations, authentication mechanisms, and segregation of duties (SoD).

• Safeguard critical business data, processes, and transactions.

2. Risk Management & Compliance

• Perform risk assessments for SAP S/4HANA implementations and business processes.

• Conduct security audits, vulnerability assessments, and ensure adherence to compliance regulations.

• Recommend and implement security enhancements to minimize risks.

3. User Lifecycle Management

• Define and manage user provisioning & de-provisioning processes.

• Ensure access requests, approvals, and role assignments comply with business rules and security policies.

• Automate workflows where possible using SAP GRC Access Control tools.

4. Security Monitoring & Incident Response

• Set up and manage security monitoring tools for real-time detection of threats.

• Investigate, document, and resolve security incidents in coordination with incident response teams.

• Proactively identify vulnerabilities and provide recommendations.

5. Stakeholder Collaboration

• Partner with business stakeholders, SAP functional consultants, IT teams, and audit teams to capture security requirements.

• Translate business requirements into practical SAP security solutions.

6. Security Training & Awareness

• Design and deliver security training sessions for SAP S/4HANA users in the utility business.

• Promote best practices, security awareness, and policy adherence across teams.

7. Documentation & Reporting

• Prepare and maintain comprehensive documentation of security configurations, policies, access control designs, and audit findings.

• Ensure documentation is current, accurate, and accessible.

8. Security Patch Management

• Coordinate the application of security patches, updates, and SAP Notes.

• Continuously monitor SAP advisories and ensure systems remain secure.

9. External Collaboration

• Work with vendors, partners, and third-party service providers to secure integration points and data exchanges.

• Ensure compliance with industry standards and utility sector-specific regulatory requirements.

Required Skills & Competencies

• Proven expertise as an SAP S/4HANA Security Consultant, preferably in the utility business sector.

• Strong knowledge of SAP GRC concepts, processes, and tools.

• Hands-on experience with:

  • SAP GRC Access Control (ARM, ARA, BRM, EAM).

  • SAP Fiori and SAP HANA Database Security.

• Experience in audit coordination and remediation of audit observations.

• Strong analytical, problem-solving, and risk assessment skills.

• Ability to work both independently and collaboratively in cross-functional teams.

• Excellent communication and interpersonal skills for interaction with stakeholders.

• SAP Security / GRC certifications (preferred but not mandatory).

Experience Required: 6 – 8 Years
Qualification: B.E / B.Tech (SAP Certification Preferred)