About the Role
The SAP GRC Security Engineer plays a vital role in securing the SAP landscape, focusing on S/4HANA and GRC solutions. The position involves designing roles, managing user access, configuring GRC modules, resolving security issues, and supporting compliance initiatives.
Responsibilities
- Architect, deploy, and sustain security frameworks for SAP S/4HANA, SAP GRC modules, and associated systems such as Fiori and BW/4HANA.
- Create and oversee secure authorization strategies, including role development, ongoing role updates, and user access assignment based on least privilege principles.
- Ensure security configurations align with business operations while meeting internal controls and compliance standards like SOX and GDPR.
- Administer SAP GRC Access Control components including Access Risk Analysis, Access Request Management, Emergency Access Management, and Business Role Management.
- Customize Segregation of Duties risk rule sets, perform SoD assessments, and collaborate with process owners to resolve conflicts.
- Implement and support SAP GRC Process Control for ongoing monitoring and compliance reporting where required.
- Oversee user access lifecycle management across SAP environments, ensuring accurate provisioning, deactivation, and periodic access audits.
- Diagnose and resolve advanced security and authorization issues in both production and non-production systems.
- Carry out security updates, system patches, and synchronization across the SAP landscape.
- Serve as the main technical liaison during internal and external SAP security audits.
- Develop and maintain detailed security documentation such as policies, procedures, and system designs.
- Monitor system logs, access changes, and critical privileges to detect and address potential security incidents.
Requirements
- Bachelor’s degree in Computer Science, Information Technology, or a related discipline, or 1–5 years of relevant professional experience.
- Minimum of five years of hands-on SAP Security experience, including at least two years with SAP S/4HANA and SAP GRC.
- Demonstrated ability to design and implement SAP S/4HANA security roles, including Fiori authorizations using Catalogs, Groups, and OData services.
- Extensive experience configuring and supporting SAP GRC Access Control, preferably version 12.0.
- Solid understanding of security best practices across key SAP modules such as FI/CO, MM, SD, and HR, including integration points.
- Familiarity with regulatory requirements including SOX, HIPAA, and GDPR as they apply to SAP access and data protection.
- Experience managing transport requests and synchronizing security objects across SAP system landscapes.
- Strong analytical and problem-solving skills for resolving complex security issues.
Benefits
- Weekly pay cycles
- Paid time off, parental leave, and observed holidays
- Comprehensive insurance coverage including medical, dental, vision, disability, life, and prescription drug plans
- 401(k) retirement plan with company matching
- Employee Stock Purchase Plan
- Tuition and education reimbursement programs
- Legal insurance benefits
- Discounts on gym memberships, pet insurance, and other lifestyle services
Discover a more connected career
The SAP GRC Security Engineer plays a crucial role in maintaining the security, integrity, and compliance of our SAP landscape, focusing heavily on the SAP S/4HANA and SAP GRC (Governance, Risk, and Compliance) solutions. This role is key to ensuring successful role design, user access management, and GRC module configuration. This individual is responsible for analyzing and resolving security-related problems in a timely and accurate manner, and for providing end-user training as needed.
Connecting you to great benefits
Weekly Paychecks, Paid Time Off, Parental Leave, and Holidays, Insurance (including medical, prescription drug, dental, vision, disability, life insurance), 401(k) w/ Company Match, Stock Purchase Plan, Education Reimbursement, Legal Insurance, Discounts on gym memberships, pet insurance, and much more!
What you’ll do
- Design, implement, and maintain SAP security architecture for SAP S/4HANA, SAP GRC (Access Control, Process Control), and related SAP systems (e.g., Fiori, BW/4HANA).
- Develop and manage secure authorization concepts, including role design, role maintenance, and user access provisioning in alignment with the principle of least privilege.
- Ensure the security implementation supports business processes while adhering to internal controls and regulatory requirements (e.g., SOX, GDPR).
- Configure, maintain, and enhance SAP GRC Access Control modules, including Access Risk Analysis (ARA), Access Request Management (ARM), Emergency Access Management (EAM/Firefighter), and Business Role Management (BRM).
- Manage Segregation of Duties (SoD) risk ruleset customization, conduct SoD analysis, and coordinate remediation efforts with business process owners.
- Configure and support SAP GRC Process Control for continuous control monitoring and compliance reporting, where applicable.
- Manage user lifecycle and access controls across the SAP landscape, ensuring timely provisioning, de-provisioning, and regular access reviews.
- Troubleshoot and resolve complex security and authorization issues in production and non-production environments.
- Perform security patching, system updates, and landscape synchronization activities.
- Act as the primary technical contact for internal and external SAP security audits.
- Prepare and maintain comprehensive security documentation, including security policies, procedures, and design specifications.
- Monitor security logs, system changes, and critical access to identify and respond to potential security threats.
What you’ll need
- Bachelor’s degree in Computer Science, Information Technology, or a related field and/or 1–5 years of equivalent work experience.
- 5+ years of dedicated experience in SAP Security, with a minimum of 2 years focused on SAP S/4HANA and SAP GRC.
- Proven expertise in designing and implementing security roles in SAP S/4HANA, including the Fiori authorization model (Catalogs, Groups, OData services).
- In-depth knowledge of SAP GRC Access Control (12.0 preferred) configuration, maintenance, and operational support.
- Strong understanding of security best practices for various SAP modules (e.g., FI/CO, MM, SD, HR) and cross-module integration points.
- Solid grasp of regulatory compliance requirements (e.g., SOX, HIPAA, GDPR) as they relate to SAP access and data security.
- Experience with transport management and system landscape synchronization related to security objects.
- Strong troubleshooting skills.