remote

SAP Security Engineer - Bright Vision Technologies

Security Engineer

SAP Security Engineer focused on GRC, responsible for configuring and maintaining SAP security, access control, identity management, and audit processes to ensure compliance and protect enterprise data.

About the role

SAP Security Engineer

Design and maintain SAP authorization concepts and role structures aligned with business processes and least-privilege principles.
Build and maintain master, derived, composite, and business roles for S/4HANA, ECC, and Fiori applications.
Configure and operate SAP GRC Access Control (ARA, ARM, BRM, EAM), including ruleset management, mitigating controls, and emergency access management.
Perform segregation-of-duties analysis and remediation in collaboration with business process owners and internal audit.
Configure user provisioning workflows in SAP GRC ARM, including request types, approval paths, and integration with IDM/IAM platforms.
Operate SAP GRC Process Control for continuous controls monitoring and policy management.
Implement security for Fiori applications, including catalogs, groups, and front-end authorizations.
Configure and operate security for SAP BTP and cloud applications using XSUAA, IAS, and IPS.
Support SAP audits (SOX, GxP, PCI) and respond to audit findings with documented remediation plans.
Implement transport security, table logging, and audit logging in line with internal security policies.
Monitor and remediate SAP Security Notes in coordination with Basis and DBA teams.
Maintain comprehensive, current technical documentation — including architecture diagrams, design decisions, configuration references, runbooks, and operational procedures — so that the system remains supportable, auditable, and easy to onboard new engineers onto over time.
Mentor junior team members and support knowledge transfer across the security team.
Bachelor’s degree in Computer Science, Engineering, or a related technical discipline.
Five or more years of SAP Security / GRC experience in enterprise landscapes.
Strong hands-on experience with SAP authorization concepts and role design.
Deep experience operating SAP GRC Access Control (ARA, ARM, BRM, EAM).
Experience supporting SAP audits and remediation activities.
Hands-on experience securing Fiori, BTP, and cloud SAP applications.
Familiarity with SAP IDM or third-party IGA tooling.
Working knowledge of SAP Process Control.
Strong understanding of regulatory frameworks such as SOX, GxP, and PCI.
Excellent communication and documentation skills.
SAP-certified Security or GRC credentials.
Experience with SAP Cloud Identity services (IAS, IPS) and SCIM-based integrations.
Familiarity with HANA security and analytic privileges.
Experience with continuous controls monitoring frameworks.
Exposure to SAP RISE / Grow security operating models.

Equal Employment Opportunity (EEO) Statement

Bright Vision Technologies (BV Teck) is committed to equal employment opportunity (EEO) for all employees and applicants without regard

About the role

SAP Security Engineer

Design and maintain SAP authorization concepts and role structures aligned with business processes and least-privilege principles.
Build and maintain master, derived, composite, and business roles for S/4HANA, ECC, and Fiori applications.
Configure and operate SAP GRC Access Control (ARA, ARM, BRM, EAM), including ruleset management, mitigating controls, and emergency access management.
Perform segregation-of-duties analysis and remediation in collaboration with business process owners and internal audit.
Configure user provisioning workflows in SAP GRC ARM, including request types, approval paths, and integration with IDM/IAM platforms.
Operate SAP GRC Process Control for continuous controls monitoring and policy management.
Implement security for Fiori applications, including catalogs, groups, and front-end authorizations.
Configure and operate security for SAP BTP and cloud applications using XSUAA, IAS, and IPS.
Support SAP audits (SOX, GxP, PCI) and respond to audit findings with documented remediation plans.
Implement transport security, table logging, and audit logging in line with internal security policies.
Monitor and remediate SAP Security Notes in coordination with Basis and DBA teams.
Maintain comprehensive, current technical documentation — including architecture diagrams, design decisions, configuration references, runbooks, and operational procedures — so that the system remains supportable, auditable, and easy to onboard new engineers onto over time.
Mentor junior team members and support knowledge transfer across the security team.
Bachelor’s degree in Computer Science, Engineering, or a related technical discipline.
Five or more years of SAP Security / GRC experience in enterprise landscapes.
Strong hands-on experience with SAP authorization concepts and role design.
Deep experience operating SAP GRC Access Control (ARA, ARM, BRM, EAM).
Experience supporting SAP audits and remediation activities.
Hands-on experience securing Fiori, BTP, and cloud SAP applications.
Familiarity with SAP IDM or third-party IGA tooling.
Working knowledge of SAP Process Control.
Strong understanding of regulatory frameworks such as SOX, GxP, and PCI.
Excellent communication and documentation skills.
SAP-certified Security or GRC credentials.
Experience with SAP Cloud Identity services (IAS, IPS) and SCIM-based integrations.
Familiarity with HANA security and analytic privileges.
Experience with continuous controls monitoring frameworks.
Exposure to SAP RISE / Grow security operating models.

Equal Employment Opportunity (EEO) Statement

Bright Vision Technologies (BV Teck) is committed to equal employment opportunity (EEO) for all employees and applicants without regard

SAP Security Engineer - Bright Vision Technologies

About the role

SAP Security Engineer - Bright Vision Technologies

About the role

Skills