Amyx is seeking a highly motivated and experienced SAP Security Administrator to join their team, focusing on SAP Governance, Risk, and Compliance (GRC) and application security within a complex, regulated environment.

This is a Full-time position in the Defense sector in the US. The role is critical and requires specific DoD clearances and certifications.

Role Summary and DoD SAP Mandate

This administrator is responsible for the full lifecycle administration, maintenance, and security of a diverse SAP landscape (including ECC, BW, HANA, and Fiori). The role requires deep hands-on expertise with SAP GRC Access Control and a strong background in a Department of Defense (DoD) environment.

Key Responsibilities:

• SAP Security & GRC:
  • Administer and maintain the SAP GRC application, managing roles and account access.
  • Implement and enforce security policies and procedures.
  • Deep knowledge of SAP role design, profiles, SU24, PFCG, and authorization objects.
  • Experience with GRC Firefighter management and analyzing authorization issues (SU53 trace).
  • Conduct periodic access reviews, user access certifications, and security audits.
  • Collaborate to resolve SAP transport and source code security vulnerabilities.
• SAP System Administration:
  • Configure, monitor, tune, and troubleshoot the SAP technical environment (e.g., ECC, BW, HANA, Fiori, etc.).
  • Manage the installation, upgrades, and maintenance of SAP systems.
  • Schedule and execute the SAP transport management system (TMS).
• Architecture & Data:
  • Manage the migration of SAP database and application configurations through the landscape.
  • Analyze, develop, and maintain data architectures and process models within SAP.
  • Evaluate and design secure interfaces between SAP and external systems (e.g., Salesforce, Greenlight Technologies).

Mandatory Qualifications and Clearance Requirements

This position has stringent requirements for both SAP experience and mandatory DoD security compliance.

• Experience (Mandatory Minimums):
  • Minimum 8 years of experience in SAP application security and administration.
  • Minimum 8 years of hands-on experience with SAP GRC Access Control.
  • Minimum 5 years of AppSec or SAP GRC experience within a DoD environment.
• Technical Skills (Hands-on):
  • Strong understanding of SAP Basis principles (installation, configuration, performance tuning).
  • Deep knowledge of SAP GRC Access Control (role design, user provisioning, access risk analysis).
  • Hands-on experience with SAP security design, build, deployment, and audits for standard role-based security for ECC and S4HANA.
  • Experience in analyzing authorization issues through trace SU53 and adjusting authorization objects via PFCG.
• Clearances & Certifications (Mandatory):
  • DoD 8570 Baseline Certification: IAT Level II (CompTIA Security+ CE).
  • Must be able to obtain and maintain a Tier 5 Investigation Clearance (SSBI).
• Desired (Bonus):
  • Experience with DLA or other DoD programs.
  • Familiarity with Risk Management Framework (RMF), SOX/FISCAM, and NIST standards.