×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity SAP Consultant Information Security IT Business Analyst

SAP GRC analyst and Security Consultant

Job in Calgary, Alberta, D3J, Canada
Listing for: Symhas
Full Time position
Listed on 2026-06-19
Job specializations:
  • IT/Tech
    Cybersecurity, SAP Consultant, Information Security, IT Business Analyst
Salary/Wage Range or Industry Benchmark: 100000 - 125000 CAD Yearly CAD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

We are looking for a seasoned SAP GRC and Security Consultant to take full ownership of access risk, compliance controls, and identity governance across a complex SAP landscape. This is a hands‑on contract engagement based in Calgary — you will not be advising from the sidelines. You'll configure, remediate, govern, and deliver, working directly with business process owners, internal audit, and IT security teams to build a compliant, audit‑ready SAP environment.

What

you'll do
  • Own the end‑to‑end design, configuration, and ongoing governance of SAP GRC Access Control (AC) — including ARA, ARM, EAM, and BRM modules.
  • Define and maintain the enterprise Segregation of Duties (SoD) ruleset; identify, analyze, and remediate SoD conflicts across SAP ECC and/or S/4

    HANA landscapes.
  • Design and implement role‑based access control (RBAC) frameworks — building, testing, and documenting SAP roles and authorization objects aligned to least‑privilege principles.
  • Configure and govern Firefighter (Emergency Access Management) workflows — owner assignments, log reviews, and audit trail reporting.
  • Lead access certification campaigns and periodic user access reviews (UAR) in collaboration with role owners and business process owners.
  • Support and drive SAP S/4

    HANA security migration and role redesign initiatives where applicable.
  • Partner with internal audit and compliance teams to prepare evidence packages, remediate findings, and maintain SOX, SOC 2, or equivalent compliance posture.
  • Integrate SAP GRC with Identity Governance and Administration (IGA) tools — SailPoint, Saviynt, or equivalent — where required.
  • Develop and maintain GRC governance documentation: rulesets, control matrices, risk registers, and process runbooks.
  • Mentor junior security analysts and serve as the internal SAP GRC subject matter expert for stakeholder escalations.
What you bring

8–10 years of hands‑on SAP security and GRC experience — not advisory or project management, but direct configuration and governance ownership.

Deep expertise in SAP GRC Access Control — ARA (Access Risk Analysis), ARM (Access Request Management), EAM (Emergency Access Management), and BRM (Business Role Management).

Expert‑level knowledge of SAP authorization concepts: authorization objects, profiles, roles (single, composite, derived), SU24, PFCG, and SU53 analysis.

Proven experience designing and remediating SoD rulesets in production SAP environments — not just running SoD reports, but owning the ruleset and driving remediation to closure.

Experience with SAP ECC and/or S/4

HANA security — including Fiori app authorization, business roles, and the S/4 authorization concept changes from ECC.

Working knowledge of SOX IT General Controls (ITGCs) as they apply to SAP access and change management — and experience preparing audit evidence.

Strong communication skills — able to translate SAP authorization complexity into plain language for business process owners, auditors, and C‑level stakeholders.

Nice to have
  • Experience with SAP GRC Process Control (PC) for automated control monitoring.
  • SAP S/4

    HANA security migration project experience — role redesign, clean‑up, and Fiori authorization model.
  • Integration experience with IGA platforms:
    SailPoint Identity IQ/Identity Now, Saviynt, or Cyber Ark.
  • Background in energy, oil and gas, utilities, or financial services — sectors with complex Calgary‑market SAP footprints.
  • SAP Certified Technology Associate — SAP GRC Access Control certification.
  • Familiarity with SAP BTP (Business Technology Platform) security and identity management.
  • Experience with SAP Audit Management or integration of GRC with external GRC platforms (Archer, Service Now GRC).
Tech stack & tools
  • SAP GRC
  • GRC AC 12.0, ARA, ARM, EAM, BRM, Process Control, Risk Management
  • SAP Security
  • PFCG, SU24, SU53, SUIM, S/4

    HANA roles, Fiori authorization, derived roles
  • Compliance
  • SOX ITGCs, SoD ruleset design, UAR campaigns, audit evidence, control matrices
  • IGA integration
  • SailPoint, Saviynt, Cyber Ark, Azure AD / Entra , LDAP
  • Reporting & docs
  • SAP SUIM, GRC dashboards, risk registers, runbooks, Archer, Service Now GRC
  • Platforms
  • SAP ECC 6.0, S/4

    HANA 2020/2022, SAP BTP, Fiori Launchpad

Why Calgary — why now…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search