Role: SAP GRC Consultant

Location: Madrid, Spain (ideally based locally, hybrid working with 1–2 days per week on site)

Start Date: June 2026 (flexible; client can wait up to 6–8 weeks for the right candidate)

Duration: 6-month initial contract with high likelihood of extension

Travel: Up to 1–2 days per week in Madrid

Language: Spanish and English (both required)

Role Overview

We are seeking an experienced SAP GRC Consultant to join a major international project onsite in Madrid. The consultant will be responsible for designing, implementing, and supporting SAP Governance, Risk, and Compliance solutions, ensuring strong security controls, regulatory compliance, and efficient access governance across the SAP landscape.

Key Responsibilities

Implement and support SAP GRC Access Control (AC), including:

Access Risk Analysis (ARA)

Emergency Access Management (EAM / Firefighter)

Business Role Management (BRM)

Design and maintain Segregation of Duties (SoD) rule sets and mitigation controls

Manage user access lifecycle and authorization concepts in SAP

Support SAP security role design and optimization

Collaborate with SAP Security, Basis, and functional teams

Participate in audits and compliance reporting (SOX / internal controls)

Troubleshoot and resolve GRC-related incidents and issues

Support integration with SAP S/4HANA environments where applicable

Required Skills & Experience

4+ years of experience in SAP GRC (Access Control mandatory)

Strong expertise in:

SoD analysis and remediation

Role design and user provisioning

Firefighter/EAM configuration and support

Experience with SAP ECC and/or SAP S/4HANA

Solid understanding of SAP authorization concepts

Experience working in international environments

Nice to Have

SAP GRC Process Control (PC) or Risk Management (RM)

Experience in large-scale transformation programs (S/4HANA migrations)

Knowledge of audit frameworks (SOX, ISO 27001)

SAP Security / Basis background

SAP Fiori security experience