SAP Security Engineer (GRC – Technical)

Bright Vision Technologies is a forward-thinking software development company dedicated to building innovative solutions that help businesses automate and optimize their operations. We leverage cutting-edge technologies to create scalable, secure, and user-friendly applications.As we continue to grow, we’re looking for a skilled SAP Security Engineer (GRC – Technical) to join our dynamic team and contribute to our mission of transforming business processes through technology.This is a fantastic opportunity to join an established and well-respected organization offering tremendous career growth potential.SAP Security Engineer (GRC – Technical)Job Title: SAP Security Engineer (GRC – Technical)Location: 100% Remote (Continental United States)Position Type: In-house Bright Vision Technologies SOW engagement (no third-party client or vendor)Experience: 5+ yearsSponsorship: No new H1B sponsorship available. H1B transfers welcomed for qualified candidates.Employment Type: Full-time, direct W2 with Bright Vision Technologies (no C2C, no 1099, no third-party)Engagement: Long-term, multi-year, aligned to the Bright Vision SOW delivery roadmapCompensation: Competitive base salary commensurate with experience, plus benefits.Employment Terms & Visa PolicyThis is a 100% remote, full-time, direct W2 position with Bright Vision Technologies.This role is part of Bright Vision Technologies’ in-house Statement of Work (SOW) engagement. The client, end customer, and employer for this position is Bright Vision Technologies — there is no third-party client, vendor, or implementation partner involved.We do not engage in C2C, 1099, or third-party arrangements for this role.BUT STRICTLY NO C2C/1099/3RD PARTY COMPANIES. ALL OUR ROLES ARE W2 AND NO 3RD PARTY BROKERING PLEASE.Candidates must be willing to work directly as a full-time W2 employee of Bright Vision Technologies and contribute to our in-house SOW deliverables.No new H1B sponsorship is available for this role.However, candidates who are currently on a valid H1B visa and require a transfer are welcome to apply. We will support H1B transfers for qualified candidates.For every role, a technical coding assessment is mandatory. Please apply only if you are confident in your technical abilities and hands-on experience.Job SummaryWe are seeking an experienced SAP Security and GRC (Governance, Risk, and Compliance) Engineer to design, implement, and operate security and access-control frameworks for complex SAP landscapes, including S/4HANA, ECC, BW/4HANA, Fiori, BTP, and SuccessFactors. In this role you will be responsible for SAP role design, user provisioning, segregation-of-duties analysis, audit support, and the technical operation of SAP GRC suites. The ideal candidate will combine deep expertise in SAP authorization concepts with strong hands-on experience operating SAP GRC Access Control and Process Control, and will partner closely with audit, compliance, and business teams to deliver a secure, auditable SAP environment.Key ResponsibilitiesDesign and maintain SAP authorization concepts and role structures aligned with business processes and least-privilege principlesBuild and maintain master, derived, composite, and business roles for S/4HANA, ECC, and Fiori applicationsConfigure and operate SAP GRC Access Control (ARA, ARM, BRM, EAM), including ruleset management, mitigating controls, and emergency access managementPerform segregation-of-duties analysis and remediation in collaboration with business process owners and internal auditConfigure user provisioning workflows in SAP GRC ARM, including request types, approval paths, and integration with IDM/IAM platformsOperate SAP GRC Process Control for continuous controls monitoring and policy managementImplement security for Fiori applications, including catalogs, groups, and front-end authorizationsConfigure and operate security for SAP BTP and cloud applications using XSUAA, IAS, and IPSSupport SAP audits (SOX, GxP, PCI) and respond to audit findings with documented remediation plansImplement transport security, table logging, and audit logging in line with internal security policiesMonitor and remediate SAP Security Notes in coordination with Basis and DBA teamsMaintain comprehensive, current technical documentation — including architecture diagrams, design decisions, configuration references, runbooks, and operational procedures — so that the system remains supportable, auditable, and easy to onboard new engineers onto over timeMentor junior team members and support knowledge transfer across the security teamRequired QualificationsBachelor’s degree in Computer Science, Engineering, or a related technical disciplineFive or more years of SAP Security / GRC experience in enterprise landscapesStrong hands-on experience with SAP authorization concepts and role designDeep experience operating SAP GRC Access Control (ARA, ARM, BRM, EAM)Experience supporting SAP audits and remediation activitiesHands-on experience securing Fiori, BTP, and cloud SAP applicationsFamiliarity with SAP IDM or third-party IGA toolingWorking knowledge of SAP Process ControlStrong understanding of regulatory frameworks such as SOX, GxP, and PCIExcellent communication and documentation skillsPreferred QualificationsSAP-certified Security or GRC credentialsExperience with SAP Cloud Identity services (IAS, IPS) and SCIM-based integrationsFamiliarity with HANA security and analytic privilegesExperience with continuous controls monitoring frameworksExposure to SAP RISE / Grow security operating modelsHow to ApplyWould you like to know more about this opportunity?For immediate consideration, please send your resume to harry@bvteck.com or contact us at (908) 676-4399. Learn more about Bright Vision Technologies at www.bvteck.com.We recognize that our people are our strength, and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company.We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicants’ and employees’ religious practices and beliefs, as well as mental health or physical disability needs.Bright Vision Technologies is an Equal Opportunity Employer, including Disability/Veterans.Position offered by “No Fee Agency.”Equal Employment Opportunity (EEO) StatementBright Vision Technologies (BV Teck) is committed to equal employment opportunity (EEO) for all employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, veteran status, or any other protected status as defined by applicable federal, state, or local laws. This commitment extends to all aspects of employment, including recruitment, hiring, training, compensation, promotion, transfer, leaves of absence, termination, layoffs, and recall.BV Teck expressly prohibits any form of workplace harassment or discrimination. Any improper interference with employees' ability to perform their job duties may result in disciplinary action up to and including termination of employment.Powered by JazzHRYiTTj8ZOmI