SAP Security SME - Dynamic Authorization, Fortify & Cloud Migration

🌟 We're Hiring: SAP Security SME – Dynamic Authorization, Fortify & Cloud Migration! 🌟

Clearance Requirement: Must hold an active [e.g., DoD Secret / Top Secret / SCI] clearance
Job Description:
We are seeking a cleared SAP Security Subject Matter Expert (SME) with strong expertise in SAP Dynamic
Authorization, SAP Fortify (Application Security Testing), and cloud migration of SAP security applications. The
candidate will lead and support secure migrations of SAP security solutions to cloud platforms (Azure, AWS, GCP, or
SAP BTP), ensuring robust authorization management and secure application development practices.

Key Responsibilities:
 Design, configure, migrate, and manage SAP Dynamic Authorization Management (DAM/ABAC) solutions
across ECC, S/4HANA, BW, EWM, and Fiori environments.
 Lead the migration of SAP security and Fortify solutions to cloud platforms (AWS, NS2 cloud).
 Integrate dynamic authorization with SAP GRC, Identity Access Governance (IAG), Identity Authentication
Service (IAS), and hybrid landscapes.
 Perform SAP Fortify static code scans on ABAP/Java developments, analyze vulnerabilities, and provide
remediation guidance.
 Ensure secure coding standards are enforced across development and migration projects.
 Support cloud security hardening (SNC, SSO, TLS/SSL, encryption, certificates, key management).
 Collaborate with Basis, Development, and Cloud teams to ensure seamless migration of roles, profiles, and
authorizations during system moves.
 Conduct security risk assessments and ensure compliance with federal and DoD frameworks (NIST, FISMA,
STIGs, GDPR).
 Provide audit support and ensure full compliance during and after cloud migration activities.
 Develop playbooks, documentation, and best practices for SAP security in hybrid and cloud landscapes.
Required Skills & Qualifications:
 Active [Secret / Top Secret] clearance.
 Proven experience with SAP Dynamic Authorization (DAM/ABAC) and SAP Fortify application security
testing.
 Hands-on expertise in SAP security migrations to cloud (SAP BTP, Azure, AWS, or GCP).
 Deep knowledge of SAP role design, profiles, SU24, PFCG, and authorization objects.
 Strong understanding of DevSecOps pipelines and integrating Fortify into CI/CD.
 Experience with SAP GRC, SAP IAG/IAS, and S/4HANA security.
 Strong background in federal compliance frameworks (NIST, FISMA, DoD STIGs, SOX).
 Excellent problem-solving, communication, and documentation skills.
Preferred Skills:
 SAP Certified in Security, GRC, or S/4HANA.
 Prior experience with federal cloud migrations (IL4, IL5, FedRAMP environments).
 Familiarity with Zero Trust security frameworks in SAP landscapes.
 Experience with hybrid SAP landscapes (Cloud to Cloud).