Support the implementation of security-compliant S/4HANA solutions by applying "Security by Design" and "Least Privilege" principles to functional and technical designs
Build and maintain SAP Security Roles, ensuring Segregation of Duties (SoD) is enforced and sensitive federal data is protected through robust authorization concepts
Execute processes to detect and mitigate insider threats and vulnerabilities, utilizing continuous monitoring frameworks and risk-reduction workflows
Assist in the administration of SAP GRC (Access Control / Process Control) or similar tools to facilitate automated audit logging and compliance reporting
Apply security requirements across PII-heavy modules (H2R), financial workstreams (B2R/P2R), and the Universal Journal
Contribute technical research and configuration support for Identity and Access Management (IAM), encryption standards, and secure interface integrations
Act as a key contributor during the audit lifecycle by collecting evidence, tracking inquiry statuses, and assisting in the remediation of audit findings
Provide program management assistance, including tracking security workstream milestones, maintaining resource schedules, and updating compliance forecasts
Generate and refine security posture reports and executive-level dashboards regarding risk exposure and SoD violations

Practical knowledge of Cybersecurity Frameworks such as NIST 800-53, FISMA, or SOC 1/SOC 2 within an ERP environment
Ability to translate complex technical vulnerabilities into clear status updates for project leadership and internal auditors
Proficiency in identifying risk and performing root-cause analysis for security gaps or SoD conflicts
Familiarity with FedRAMP and the ATO (Authority to Operate) lifecycle
US Citizen (no dual citizenship)
Must be eligible to obtain a government Secret Clearance.

Audit and Cybersecurity Consultant

Key skills