SAP Security IAM Consultant

Requirements Gathering

• Analyze existing roles and authorization profiles (PFCG). Identify redundancies, conflicts, and obsolete roles.
• Review SUIM reports and user-role assignments.
• Conduct workshops with business process owners. Define job-based access requirements.
• Document functional and compliance needs. Align with internal security policies and audit requirements.

Role Redesign & Optimization:

• Design role concept (single roles, composite roles, derived roles). Apply least-privilege principle.
• Eliminate redundant or conflicting authorizations. Standardize naming conventions and role structure.
• Assess Segregation of Duties (SoD) risks.
• Design, implement, and maintain SAP authorization concepts and roles based on business requirements and security standards (SoDs).
• Collaborate with stakeholders to analyze and understand authorization needs for various business processes and modules.

Required knowledge, competencies, skills & experience

• Bachelor's degree in computer science, Information Systems, or a related field.
• 7–10+ years of hands-on experience in SAP Security and Authorization design and support.
• Proven experience in end-to-end role design, including blueprinting, build, testing, and deployment.
• Strong experience in complex SAP landscapes (ECC)