img
Contract TypeFull-time
Workplace typeOn-site
LocationRiyadh

Job Description

About the Role

YASH Technologies Middle East is seeking an experienced SAP Security & GRC Architect to join their team in Riyadh, Saudi Arabia. This full-time position requires a seasoned professional with extensive expertise in SAP Security, Role Design, Governance Risk & Compliance (GRC), and enterprise access control. The ideal candidate will have a proven track record in leading end-to-end SAP implementations, global security transformations, and S/4HANA security design across complex landscapes.

Key Responsibilities

  • Lead the design and implementation of SAP Security architecture across ECC, S/4HANA, BW/4HANA, Ariba, IBP, SuccessFactors, and BTP environments.
  • Design and maintain an enterprise role matrix aligned with business processes and regulatory requirements.
  • Develop single, composite, and derived roles utilizing PFCG and authorization concepts.
  • Design authorization concepts for S/4HANA systems, including Fiori tile-based access.
  • Prepare Fiori security designs, catalog mappings, and role assignment strategies.
  • Support the S/4HANA implementation security strategy.
  • Implement SAP GRC Access Control modules, including ARA, ARM, BRM, EAM, and UAR.
  • Design and configure SOD rule sets and risk mitigation controls.
  • Build risk and control matrices aligned with SOX and internal audit requirements.
  • Implement emergency access management (Firefighter IDs) and monitor associated logs.
  • Implement IAG for Ariba, IBP, SuccessFactors, and BTP cloud applications.
  • Implement SAP Identity Access Governance (IAG) services, including Access Request, Access Analysis, and Access Certification.
  • Configure custom rule sets for cloud applications.
  • Enable hybrid access governance between on-premise and cloud SAP systems.
  • Support privileged access management initiatives.
  • Establish risk catalogs, assess risk likelihood and financial impact, and define risk mitigation strategies within the SAP platform.
  • Map business processes, design internal controls (SOX, Segregation of Duties), and configure Automated Continuous Control Monitoring (CCM).
  • Manage control self-assessments, evaluate control effectiveness, track testing evidence, and address identified deficiencies.
  • Generate compliance dashboards, maintain control documentation, and assist internal/external auditors with compliance reviews.
  • Set up roles, notifications, and approval workflows for surveys, testing, and issue resolution.

Qualifications and Experience

  • Extensive experience in SAP Security, Role Design, Governance Risk & Compliance (GRC), and enterprise access control.
  • Proven experience in leading end-to-end SAP implementations.
  • Demonstrated experience in global security transformations.
  • Expertise in S/4HANA security design.
  • Experience with SAP ECC, S/4HANA, BW/4HANA, Ariba, IBP, SuccessFactors, and BTP environments.
  • Proficiency in PFCG and authorization concepts.
  • Experience with Fiori security design and implementation.
  • Hands-on experience with SAP GRC Access Control (AC), including ARA, ARM, BRM, EAM, and UAR.
  • Experience with SAP GRC Process Control (PC) and Risk Management (RM).
  • Experience with SAP Identity Access Governance (IAG).
  • Familiarity with SuccessFactors Role-Based Permissions (RBP).
  • Experience with Central User Administration (CUA).
  • Strong understanding of SOX Compliance and IT Audit principles.
  • Proficiency in Segregation of Duties (SOD) Management.

Required Skills

  • SAP Security (ECC, S/4HANA, BW/4HANA, Fiori, BTP, ARIBA, IBP)
  • SAP GRC (AC, PC, RM)
  • SAP IAG
  • SuccessFactors RBP
  • Central User Administration (CUA)
  • SOX Compliance
  • IT Audit
  • Segregation of Duties (SOD) Management
  • Role Design
  • Governance Risk & Compliance (GRC)
  • Enterprise Access Control
  • SAP Implementations
  • Global Security Transformations
  • S/4HANA Security Design
  • PFCG
  • Authorization Concepts
  • Fiori
  • Access Risk Analysis (ARA)
  • Access Request Management (ARM)
  • Business Role Management (BRM)
  • Emergency Access Management (EAM)
  • User Access Review (UAR)

Work Environment and Location

This is a full-time position based in Riyadh, Saudi Arabia. The role requires over 10 years of relevant experience.


Requirements

  • Requires +10 Years experience

Similar Jobs