Senior SAP Security Specialist with Security Clearance - BridgePhase, LLC
Chantilly, VA 20151
About the Job
We are seeking a skilled SAP Security Specialist to lead the security and controls team in delivering and maintaining solutions tailored to our client's complex needs. This role is hands-on and requires deep expertise in SAP. All work is performed on-site in Chantilly, VA. Role and Responsibilities: * Manage SAP application security and GRC Access Control, from development through production, with a focus on SAP ECC and SAP S/4 HANA systems.
* Lead Security/GRC implementations and maintenance, including minor enhancements, support pack updates, and version upgrades.
* Oversee GRC Access Control (10.x and 12.x) activities, including master data creation and maintenance, risk analysis, remediation, batch job monitoring, and audit/compliance support.
* Troubleshoot SAP Security and GRC issues by collaborating with key functional/business stakeholders.
* Stay informed on advancements in SAP ECC, S/4 HANA, and new security authorization concepts, applying this knowledge to security vulnerabilities and mitigation.
* Support NIST, SOX, SOD, and SAP IT General Controls compliance, providing security solutions to address regulatory requirements.
* Provide training to team members and client counterparts, ensuring ongoing development and technical skill growth within the team. As with any technical environment, the exact role responsibilities will evolve with the changing needs of our client. We are looking for versatile engineers who thrive on new challenges and can readily adapt to additional responsibilities beyond those listed above. Requirements: * 4+ years' experience in SAP application security management and GRC Access Control across the full project lifecycle.
* Strong understanding of SAP authorization concepts for ECC and S/4 HANA systems.
* Hands-on expertise with GRC data management, compliance activities, BRF+ and MSMP workflows.
* Knowledge of security risks and application vulnerabilities, with skills to propose and implement mitigation.
* Familiarity with NIST, SOX, SOD, and IT general controls, with solutions to ensure compliance.
* U.S. citizenship due to client requirements.
Desired Skills: * Experience in GRC Access Control (10.x and 12.x) tools and frameworks.
* Hands-on in compliance support activities such as user management controls, access certification, and audit response.
* Ability to support and mentor junior team members. While we've outlined our ideal candidate, we recognize that talent comes in many forms. If you don't check every box but possess technical aptitude in SAP security, and a drive to learn and grow, we strongly encourage you to apply. We value applicants who demonstrate adaptability, and a solid foundation with the SAP ERP system. If you're excited about the challenge of securing data for the government and are willing to dive into new technologies and methodologies, we want to hear from you. Our team thrives on diverse perspectives and experiences. About BridgePhase:
At BridgePhase, we foster a culture grounded in integrity, critical thinking, and collaboration. Our team is built on trust, shared success, and a commitment to addressing hard challenges through agile, disciplined engineering principles. We're dedicated to delivering innovative solutions with lasting impact and are active in supporting our communities through charitable initiatives. Our Benefits: * Competitive compensation and a flexible PTO plan
* 401k plan with 6% matching (zero vesting period)
* Health, medical, and vision benefits
* Professional development budget for certifications and skills-building
* Paid community service days and social outreach opportunities
* Lead Security/GRC implementations and maintenance, including minor enhancements, support pack updates, and version upgrades.
* Oversee GRC Access Control (10.x and 12.x) activities, including master data creation and maintenance, risk analysis, remediation, batch job monitoring, and audit/compliance support.
* Troubleshoot SAP Security and GRC issues by collaborating with key functional/business stakeholders.
* Stay informed on advancements in SAP ECC, S/4 HANA, and new security authorization concepts, applying this knowledge to security vulnerabilities and mitigation.
* Support NIST, SOX, SOD, and SAP IT General Controls compliance, providing security solutions to address regulatory requirements.
* Provide training to team members and client counterparts, ensuring ongoing development and technical skill growth within the team. As with any technical environment, the exact role responsibilities will evolve with the changing needs of our client. We are looking for versatile engineers who thrive on new challenges and can readily adapt to additional responsibilities beyond those listed above. Requirements: * 4+ years' experience in SAP application security management and GRC Access Control across the full project lifecycle.
* Strong understanding of SAP authorization concepts for ECC and S/4 HANA systems.
* Hands-on expertise with GRC data management, compliance activities, BRF+ and MSMP workflows.
* Knowledge of security risks and application vulnerabilities, with skills to propose and implement mitigation.
* Familiarity with NIST, SOX, SOD, and IT general controls, with solutions to ensure compliance.
* U.S. citizenship due to client requirements.
Desired Skills: * Experience in GRC Access Control (10.x and 12.x) tools and frameworks.
* Hands-on in compliance support activities such as user management controls, access certification, and audit response.
* Ability to support and mentor junior team members. While we've outlined our ideal candidate, we recognize that talent comes in many forms. If you don't check every box but possess technical aptitude in SAP security, and a drive to learn and grow, we strongly encourage you to apply. We value applicants who demonstrate adaptability, and a solid foundation with the SAP ERP system. If you're excited about the challenge of securing data for the government and are willing to dive into new technologies and methodologies, we want to hear from you. Our team thrives on diverse perspectives and experiences. About BridgePhase:
At BridgePhase, we foster a culture grounded in integrity, critical thinking, and collaboration. Our team is built on trust, shared success, and a commitment to addressing hard challenges through agile, disciplined engineering principles. We're dedicated to delivering innovative solutions with lasting impact and are active in supporting our communities through charitable initiatives. Our Benefits: * Competitive compensation and a flexible PTO plan
* 401k plan with 6% matching (zero vesting period)
* Health, medical, and vision benefits
* Professional development budget for certifications and skills-building
* Paid community service days and social outreach opportunities
Source : BridgePhase, LLC