Job Description:

Role Summary
As an SAP Security Consultant, you will design, implement, and maintain the security framework for a large-scale SAP S/4HANA Private Cloud environment. The core focus will be on designing, building, and testing role-based security specifically for Central Procurement (Centralized Sourcing, Purchase Orders, Supplier Management, and Procurement Analytics), ensuring adherence to Segregation of Duties (SoD) and compliance standards. 
Key Responsibilities
1. S/4HANA Private Cloud Role Design & Authorization
•    Role Design & Build: Design and build role-based security (PFCG) for S/4HANA, mapping business processes to technical roles.
•    Fiori Security: Implement and maintain security controls for SAP Fiori apps, including catalog and tile management.
•    Private Cloud Governance: Adhere to the shared responsibility model, managing application-level authorization, user identity, and role-based access.
•    Optimization: Update authorization defaults (SU24) for transactions and Fiori apps to ensure clean role design. 
2. Central Procurement Specialized Role Designing
•    Central Procurement Roles: Design roles specific to Central Procurement scenarios, including Central Sourcing, Contract Management, and Purchase Order processing.
•    Responsibility Management: Configure "Manage Teams and Responsibilities" (Responsibility Management) to align procurement authorizations with organizational structure.
•    Procurement Apps Security: Create roles that secure specific Fiori procurement apps (e.g., Manage Purchase Orders, Create Supplier Invoices).
•    Sourcing & Supplier Management: Implement authorization controls for managing business partner master data (LO-MD-BP) and purchasing blocks.
•    Analytics Security: Configure security for Procurement Overview Pages and CDS view-based analytics
Security Governance & Compliance (GRC)
•    Segregation of Duties (SoD): Perform SoD risk analysis and remediation, ensuring no conflicts exist in procurement-to-pay (P2P) roles.
•    Audit Readiness: Participate in SAP audit discussions and assist in resolving compliance findings.
•    Sensitive Access: Strictly control roles with access to sensitive or confidential data (e.g., vendor master data modification). 

4. Troubleshooting & Testing
•    Authorization Tracing: Analyze SU53 logs, ST01/STAUTHTRACE traces, and resolve security dumps.
•    Security Testing: Perform unit testing and support User Acceptance Testing (UAT) for new roles, particularly ensuring Fiori apps and backend transactions work harmoniously. 

Required Qualifications
•    Experience: 5+ years of SAP Security experience, with a minimum of 2+ years specifically in SAP S/4HANA Security.
•    Cloud Experience: Strong understanding of SAP S/4HANA Private Cloud Edition (PCE) or RISE with SAP security concepts.
•    Procurement Knowledge: Strong knowledge of SAP Procurement (MM) processes, specifically Central Procurement, Sourcing, and Supplier Collaboration.
•    Technical Proficiency: Deep understanding of PFCG, Fiori Fiori Catalogs/Groups, SU24, and Role-Based Access Control (RBAC).
•    Skills: Experience with SAP GRC Access Control and SOD conflict resolution.
•    Education: Bachelor’s degree in Computer Science, Information Systems, or a related field. 

Get empowered by NTT DATA Business Solutions!

We transform. SAP® solutions into Value

NTT DATA Business Solutions is a fast-growing international IT company and one of the world’s leading SAP partners. We are a full service provider delivering everything from business consulting to implementation of SAP solutions, including hosting services and support.