Sr. SAP HCM Security Consultant

Job Title: Sr. SAP HCM Security Consultant

Location: Pune India Technology Center, Pune, India 

About role

Seeking an experienced SAP SuccessFactors Security Consultant to design, implement, and support security and authorization frameworks primarily within SAP SuccessFactors, with secondary exposure to SAP HR / HCM security and broader SAP security controls. The role requires deep expertise in Role-Based Permissions (RBP), access governance, and compliance, while supporting integrations with SAP ECC/S4 and identity management platforms.

Key Responsibilities:

• Design, configure, and maintain complex Role-Based Permission (RBP) models in SAP SuccessFactors Employee Central, including permission roles, permission groups, target populations, and role assignments.
• Configure and manage dynamic permission groups using employee data attributes (location, department, job classification, pay grade, employment status, custom MDF objects).
• Implement and troubleshoot granular EC permissions, including Employee Data, Employment Details, Compensation, Time-Off, and workflow-driven access restrictions.
• Perform detailed RBP troubleshooting, including root-cause analysis of permission conflicts, inactive permissions, target population mismatches, and proxy access issues.
• Support security design for SuccessFactors releases, preview testing, regression validation, and post-release remediation activities.
• Secure SuccessFactors integrations with SAP ECC/S/4HANA, SAP IDM, and third-party systems by validating user IDs, role mappings, and provisioning logic.

Technical Skills:

• Strong hands-on experience with SAP SuccessFactors Role-Based Permissions (RBP) across EC, ONB, RCM, LMS. PMGM
• Expertise in Employee Central (EC) security, including permission roles, permission groups, target populations, and workflow permissions.
• Experience designing dynamic permission groups using EC attributes and MDF objects.
• Hands-on knowledge of Onboarding 2.0 security and EC–ONB data access alignment.
• Solid understanding of Recruiting (RCM) security, including operator roles and candidate data visibility.
• Working knowledge of Learning (LMS) security, including admin roles and learner access controls.
• Administer IAS/IPS provisioning and SSO integrations with SuccessFactors and SAP systems. 
• Strong skills in RBP troubleshooting and post-release access issue resolution.
• Good to Have – SAP HR / HCM Security Knowledge
  • Understanding of SAP HR/HCM security concepts in ECC or S/4HANA.
  • Knowledge of authorization objects P_ORGIN, P_ORGXX, P_PERNR, and PLOG.   
  • Experience with structural authorizations, evaluation paths, and root objects.
  • Knowledge of infotype and subtype level security restrictions.    
  • Understanding of Personnel Administration (PA) and Organizational Management (OM).
  • Awareness of HR mini-master and EC–HCM integration security touchpoints.

Qualifications and Experience:

• Bachelor's or master's degree in computer science, Information Systems, or related field.
• 8–10 years of SAP Security experience across SuccessFactors (RBP, workflows, permissions troubleshooting), ECC, HR Security and S/4HANA,
• Strong knowledge of IAS/IPS provisioning, SSO.
• Proficiency in SAP GRC, SoD analysis, risk remediation, and audit frameworks (SOX, GDPR).

Essential qualifications

• Bachelor¹s or Master’s degree in Information Science, Computer Science or related field
• 10 to 12 years of SAP Security Experience
• Minimum 2 S4H Greenfield, Brownfield implementation Experience
• Experience of working on complex SAP rollout projects
• Excellent communication, verbal, presentation and written skills

Key competencies in SAP Security

• Expertise in application security S4H, Fiori, HANA, SAP BTP with deep understanding of authentication, user provisioning, role design management.
• Experience of Master – derived, Value – Enabler technical roles with inclusion of tcodes, Hana views, Fiori Apps etc.
• Expertise in Fiori role build, especially Pages, Spaces, Catalogue, Groups, apps etc.
• Understanding of OData V2, V4 services, API Security, and troubleshooting complex Fiori and Hana access issues.
• Exposure to BTP role build in Abap Environment, HANA Cloud (XSA apps), IAS, IPS, Audit logging, Credential store services etc.
• Business process understanding on Core Domains like Supply, logistics, procurement, Trade Controls and Master Data Governance.
• Possess experience reviewing custom transactions, updates authorization defaults, with good understanding of authorization objects across domains, including sensitive admin transaction codes.
• Experience of developing attribute-based access provisioning designs, with exposure to provisioning tool IDM, Saviynt.

Other skills and abilities

• Ability to work in global distributed setting without supervision.
• Self-driven, Proactive, Out -Of -Box Thinker
• Flexible and reliable- displaying great ownership in all aspects.
• Open to travel abroad and in India