Job Description:
We are seeking a cleared SAP Security Subject Matter Expert (SME) with strong expertise in SAP Dynamic Authorization, SAP Fortify (Application Security Testing), and cloud migration of SAP security applications. The candidate will lead and support secure migrations of SAP security solutions to cloud platforms (Azure, AWS, GCP, or SAP BTP), ensuring robust authorization management and secure application development practices.
Key Responsibilities:
- Design, configure, migrate, and manage SAP Dynamic Authorization Management (DAM/ABAC) solutions across ECC, S/4HANA, BW, EWM, and Fiori environments.
- Lead the migration of SAP security and Fortify solutions to cloud platforms (AWS, NS2 cloud).
- Integrate dynamic authorization with SAP GRC, Identity Access Governance (IAG), Identity Authentication Service (IAS), and hybrid landscapes.
- Perform SAP Fortify static code scans on ABAP/Java developments, analyze vulnerabilities, and provide remediation guidance.
- Ensure secure coding standards are enforced across development and migration projects.
- Support cloud security hardening (SNC, SSO, TLS/SSL, encryption, certificates, key management).
- Collaborate with Basis, Development, and Cloud teams to ensure seamless migration of roles, profiles, and authorizations during system moves.
- Conduct security risk assessments and ensure compliance with federal and DoD frameworks (NIST, FISMA, STIGs, GDPR).
- Provide audit support and ensure full compliance during and after cloud migration activities.
- Develop playbooks, documentation, and best practices for SAP security in hybrid and cloud landscapes.
Required Skills & Qualifications:
- Active [Secret / Top Secret] clearance.
- Proven experience with SAP Dynamic Authorization (DAM/ABAC) and SAP Fortify application security testing.
- Hands-on expertise in SAP security migrations to cloud (SAP BTP, Azure, AWS, or GCP).
- Deep knowledge of SAP role design, profiles, SU24, PFCG, and authorization objects.
- Strong understanding of DevSecOps pipelines and integrating Fortify into CI/CD.
- Experience with SAP GRC, SAP IAG/IAS, and S/4HANA security.
- Strong background in federal compliance frameworks (NIST, FISMA, DoD STIGs, SOX).
- Excellent problem-solving, communication, and documentation skills.
Preferred Skills:
- SAP Certified in Security, GRC, or S/4HANA.
- Prior experience with federal cloud migrations (IL4, IL5, FedRAMP environments).
- Familiarity with Zero Trust security frameworks in SAP landscapes.
- Experience with hybrid SAP landscapes (Cloud to Cloud).
We are an equal opportunity employer. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, national origin, citizenship/ immigration status, veteran status, or any other status protected under federal, state, or local law.