SAP Authorization and Security Specialist

Company Description

Bosch Global Software Technologies Private Limited is a 100% owned subsidiary of Robert Bosch GmbH, one of the world's leading global supplier of technology and services, offering end-to-end Engineering, IT and Business Solutions. With over 27,000+ associates, it’s the largest software development center of Bosch, outside Germany, indicating that it is the Technology Powerhouse of Bosch in India with a global footprint and presence in the US, Europe and the Asia Pacific region.

Job Description

Key Responsibilities & Required Skills

• Support SAP S/4HANA system conversion (Brownfield / Upgrade) activities from a security perspective, including impact assessment, role remediation, and authorization optimization.

• Analyze existing SAP ECC roles and authorizations and perform role redesign, remediation, and optimization to align with S/4HANA authorization concepts.

• Support SAP S/4HANA rollout projects by designing and adapting roles for new company codes, plants, sales organizations, or geographic regions while maintaining global security standards.

• Maintain and enhance single, derived, and composite roles using PFCG, ensuring alignment with organizational structure and business requirements.

• Review and update SU24 authorization defaults, authorization objects, and role menus as part of the S/4HANA conversion and rollout activities.

• Implement and support SAP Fiori security, including configuration of catalogs, spaces/pages, business roles, and OData service authorization.

• Perform Segregation of Duties (SoD) risk analysis and remediate access conflicts using SAP GRC Access Control.

• Configure and support SAP GRC modules, including Access Risk Analysis (ARA), Access Request Management (ARM), and Emergency Access Management (EAM).

• Support role remediation and access risk mitigation activities during system upgrade, rollout, and post-go-live phases.

• Configure and support SAP Identity Authentication Service (IAS) for authentication policies, identity federation, and Single Sign-On (SSO) across SAP systems.

• Configure SAP Identity Provisioning Service (IPS) to enable automated user and role provisioning between SAP systems and cloud applications.

• Support SAP BTP security administration, including role collections, subaccount security configuration, and trust setup with IAS.

• Work with Basis and infrastructure teams to establish secure connectivity and identity federation between S/4HANA, SAP BTP, and other SAP cloud solutions.

• Support role testing, regression testing, and User Acceptance Testing (UAT) during upgrade and rollout phases.

• Collaborate with functional teams to resolve authorization issues arising from S/4HANA simplification items, new applications, or rollout-specific business requirements.

• Assist in user provisioning, role maintenance, and access request management during implementation and rollout phases.

• Support cutover activities, data migration phases, and post-go-live stabilization from a security perspective.

• Provide support for audit and compliance requirements, including SoD reporting, access reviews, and documentation of security controls.

• Recommend security optimization, role standardization, and governance improvements across the S/4HANA landscape.

• Strong verbal and written communication skills with the ability to effectively interact with business users, functional teams, and auditors on SAP Security and GRC related topics.

• Ability to clearly document security processes, role designs, and access control procedures, and present findings during access reviews, compliance discussions, and audit meetings.

Qualifications

Educational qualification:

• BE, BTech, BCA, BSc (IT) MCA, MBA (IT) and MSc(IT)

Experience :

• 4 - 6 Years of Experience

Additional Information