SAP Security Lead

Komatsu is embarking on a business transformation journey via SAP S/4HANAimplementation project. We are actively seeking a seasoned SAP Security Lead to architect and manage the security framework for our SAP S/4HANA Private Cloud Edition, Fiori, Business Technology Platform (BTP), etc. As part of our RISE with SAP journey, this role is central to driving security strategy, governance, and compliance to ensure our SAP environment remains secure, scalable, and aligned with industry best practices. You will work with the application owners, develop and support security priorities, create and maintain standards and procedures, and provide expertise in SAP applications. This role can be located at our headquarters in Milwaukee, WI or Chicago, IL (near O'Hare).

• Design and oversee the SAP authorization framework, ensuring role-based access control (RBAC), user administration, and compliance across SAP S/4HANA Private Cloud, Fiori, and BTP.
• Manage integration of SAP solutions with IAM and SSO architecture to enforce secure authentication and access policies.
• Develop and maintain SAP security policies and procedures, ensuring compliance with J-SOX, GDPR, and regulatory requirements within a validated private cloud environment.
• Develop a security roadmap for SAP transformation, aligning with business objectives, security standards, and industry best practices.
• Implement and monitor access controls, including segregation of duties (SoD), risk analysis, and remediation strategies, leveraging SAP security tools.
• Ensure audit readiness by establishing governance processes for role-based access control, periodic access reviews, and continuous security monitoring.
• Serve as a security solution architect, defining and implementing cloud security strategies to mitigate risks and support technical designs for SAP security functions.
• Collaborate with SAP and third-party vendors to align access configurations with best practices for SAP Private Cloud Edition, optimizing security and performance.
• Partner with IT Security, Infrastructure, and Cloud Operations teams to strengthen cybersecurity, application security, and identity management within SAP environments.
• Serve as a trusted security advisor to program leadership, ensuring security remains a priority throughout the SAP transformation.
• Collaborate with SAP BASIS, SAP Functional, and SAP Technical teams to support security-related changes in the SAP landscape.
• Provide SAP security support during system upgrades, patching, and new implementations.
• Train and advise business users and technical staff on SAP security best practices.
• Lead SAP security efforts in full lifecycle projects, from blueprinting to hyper-care, ensuring security and compliance.
• Monitor SAP security alerts and vulnerabilities, proactively refining incident response protocols and conducting root cause analysis for security incidents.
• Mentor and guide team members, fostering a security-first culture while ensuring best practices in SAP security, compliance, and cloud governance.
• Advise business and IT stakeholders, acting as a trusted advisor on SAP security risks, compliance, and security architecture best practices

Experience required:

• Education required - Bachelor's degree in computer science, Information Technology, Engineering, or related field.
• 7+ years of experience in SAP security, with expert-level knowledge of SAP GRC Access Control and its core modules (ARM, BRM, EAM, UAR, and ARA).
• Deep expertise in SAP security across multiple SAP products, including SAP S/4HANA, GTS, Ariba, SAP Fiori, and SAP BTP.
• Strong understanding of SAP authorization concepts and security policies, with a focus on role-based access, user administration, and compliance in private cloud environments.
• Proven knowledge of IT SOX controls, including control operations, SOX deficiency management, and their impact on overall SOX audits.
• Demonstrated ability to serve as a security solution architect, designing SAP security solutions aligned with business and project requirements.
• Extensive experience in end-to-end SAP security project lifecycles, including requirements gathering, design and build, UAT, regression testing, cutover, and hypercare.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and key stakeholders.

Skills Preferred

• SAP certifications in GRC, Security, or related fields are highly desirable.
• Proficiency with SAP GRC and advanced SAP security tools, including experience with cloud-based identity governance.
• Strong problem-solving skills and attention to detail.