SAP GRC & Security Specialist

Job Summary

B&A is seeking an experienced SAP GRC & Security Specialist to design, implement, and manage governance, risk, and compliance (GRC) and security solutions across SAP environments. This role is responsible for ensuring regulatory compliance, enforcing security controls, and supporting audit readiness while aligning SAP security architecture with enterprise and federal security requirements.

• Design, implement, and maintain SAP security roles, profiles, and authorizations
• Administer and support SAP GRC Access Control modules, including:
  • Access Risk Analysis (ARA)
  • Access Request Management (ARM)
  • Business Role Management (BRM)
  • Emergency Access Management (EAM)
• Perform Segregation of Duties (SoD) analysis and risk remediation
• Lead user provisioning, de-provisioning, and access reviews
• Support internal and external audit activities
  , including evidence gathering and remediation tracking
• Develop and maintain security policies, procedures, and control documentation
• Monitor and respond to SAP security incidents and vulnerabilities
• Collaborate with functional and technical teams to ensure secure SAP configurations
• Ensure compliance with federal, regulatory, and organizational security standards
• Provide recommendations for continuous improvement of SAP security posture

• Bachelor’s degree from an accredited college or university in Computer Science, Information Technology, Finance, Supply Chain Management, or a related field
• Minimum of 5–8 years of experience in SAP Security and/or SAP GRC

• Hands‑on experience with SAP GRC Access Control (ARA, ARM, BRM, EAM)
• Strong understanding of Segregation of Duties (SoD) concepts and risk analysis
• Experience with SAP environments such as SAP ECC, S/4
  
  HANA, BW, and Fiori
• Knowledge of role‑based access control (RBAC) and SAP authorization concepts
• Experience supporting audits, compliance reviews, and remediation activities
• SAP Security Administration (user roles, profiles, authorizations)
• SAP GRC Access Control configuration and support
• Segregation of Duties (SoD) analysis and mitigation
• Risk and compliance management
• Audit support and documentation
• Identity and access management (IAM) principles
• Strong understanding of SAP system landscapes and transport management
• Ability to interpret and implement regulatory/security requirements
• Familiarity with federal security frameworks (e.g., NIST, FISMA)
• Strong analytical, problem‑solving, and documentation skills

• Experience with SAP S/4
  
  HANA migrations or implementations
• Knowledge of SAP Fiori security and authorization concepts
• Familiarity with Identity Governance tools (e.g., SailPoint, Okta, Azure AD)
• Experience with automated controls and continuous monitoring tools
• Background in Dev Sec Ops  or secure SDLC practices
• Experience integrating SAP GRC with non‑SAP systems
• SAP certifications (e.g., SAP Security, SAP GRC)
• Experience working in federal or highly regulated environments
• Scripting or automation experience (e.g., Python, Power Shell)

• Active Top Secret (TS) or DOE Q clearance is required; eligibility for SCI access may be required depending on program assignment

• B&A is proud to offer three robust individual and family medical plans to full time employees, including a Health Savings Account (HSA) option as well as two tiers of dental coverage, vision, life & AD&D, disability, accident, hospital indemnity, and critical illness insurance.
• Employees enjoy paid time off, B&A sponsored trainings and certifications, pet insurance benefits, commuter transit benefits, and a free subscription to a virtual exercise platform (NEOU).
• B&A’s 401(k) plan is available to all employees and includes a company matching contribution.
• The B&A Cares program: 30/60/90‑day wellness check‑ins, personal development, financial management, and stress management seminars, and more
• A formal mentorship program
• Job shadowing and cross‑training opportunities
• Brand Ambassador program
• Employee Assistance Program (EAP) – access to various support resources to include counseling, legal guidance, financial planning, and more
• Monthly teambuilding events
• B&A Annual Wellness Challenges:
  StepWithB&A, Walk During Lunch With B&A, Volunteering
  
  WithB&A, Exercise During Lunch With B&A, and more

B&A provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws. B&A complies with applicable state and local laws governing non‑discrimination in employment in every location in which the company has facilities.