SAP Security Consultant

Job Title: SAP SuccessFactors Security Lead Consultant (Part\-Time)

Location: Remote

Experience: Senior Level (7\+ years preferred)

Employment Type: Contract (Part\-Time \~10 hours/week)

Role Summary

Lead the design and execution of HR security strategy across SAP SuccessFactors and SAP HCM environments. Ensure secure, compliant, and scalable access controls aligned with organizational policies and HR processes. Act as a trusted security advisor for HR, IT, Compliance, and Audit teams. Drive governance, risk mitigation, and continuous improvement of HR security architecture.

Key Responsibilities

1\. Security Strategy, Architecture \& Governance

• Define and implement HR/SAP SuccessFactors security strategy and target\-state role model.
• Establish governance frameworks including: Naming conventions Documentation standards Approval workflows
• Design scalable role\-based access models: Job/position\-based roles Data\-domain\-based access Country/legal entity segmentation
• Conduct security design reviews for: New modules System enhancements Mergers \& acquisitions HR process changes
• Drive Segregation of Duties (SoD) policies across HR processes (hire, termination, compensation, time, benefits).
• Maintain and execute a security roadmap: Automation initiatives Technical debt reduction Audit readiness improvements

2\. SuccessFactors Security (Core)

• Design, configure, and maintain Role\-Based Permissions (RBP), including: Permission roles and assignments Permission groups (dynamic \& rule\-based) Target population rules
• Manage MDF (Metadata Framework) object permissions and foundation object access.
• Implement governance for Admin permissions and "break\-glass" emergency access.
• Secure HR data domains: Employee data (person/employment) Compensation data Sensitive fields and documents
• Manage and monitor Admin Center access ensuring: Least privilege principle Proper approval workflows Audit traceability

3\. SAP HCM / HR Security

• Manage SAP HCM security including: PFCG roles Structural authorizations Infotype\-level access
• Maintain structural profiles and evaluation paths aligned with: Organizational hierarchy Reporting relationships
• Ensure accurate HR master data access control.

4\. IAM, SSO \& Access Governance

• Implement and manage Identity \& Access Management (IAM) concepts: SAML, OAuth, Multi\-Factor Authentication (MFA) Identity lifecycle provisioning (Joiner/Mover/Leaver)
• Apply RBAC/ABAC models for secure and scalable access.
• Drive access governance processes: User access reviews / recertification SoD risk identification and mitigation Privileged access management Break\-glass access controls

5\. Stakeholder Management \& Leadership

• Act as the primary security point of contact for: HRIT HR Operations Compliance \& Internal Audit Information Security teams
• Lead and mentor security analysts (onshore/offshore teams).
• Manage: Security backlog Prioritization Release readiness
• Provide security inputs during: Project planning Cutover activities Hypercare phases
• Ensure User Acceptance Testing (UAT) includes: Security validation Negative testing scenarios

6\. Reporting \& Analysis

• Generate and analyze access/security reports: User\-role assignments Role usage and compliance
• Perform user/role reconciliation and audit support.
• Conduct root cause analysis for authorization issues and implement fixes.

Required Skills \& Expertise

• SAP SuccessFactors Security: Role\-Based Permissions (RBP) Permission groups \& target population MDF permissions Admin Center governance
• SAP HCM Security: PFCG roles, structural authorizations, infotypes
• IAM \& Security Concepts: SSO (SAML, OAuth) MFA Identity lifecycle management RBAC / ABAC models
• Access Governance: SoD controls Access recertification Privileged access management

Preferred Qualifications

• Strong analytical and problem\-solving skills.
• Experience in audit, compliance, and risk management.
• Prior experience in consulting or client\-facing roles.
• Ability to manage multiple priorities in a part\-time engagement.

Work Conditions

• Part\-time role (\~10 hours per week).
• Fully remote with occasional travel (if required).
• Standard business hours (Monday to Friday).

For applications and inquiries, contact: hirings@openkyber.com