25 Security Consultant jobs in Chennai

Responsibilities:

* Ensure compliance with security policies & procedures

* Collaborate on project planning, execution & support

* Implement end-to-end SAP security solutions using ECC, Bi Sec., GRC & Fiori apps

About the Company

We are seeking a skilled and experienced
SAP Security & GRC Consultant
to join our team. The ideal candidate will possess strong expertise in SAP Security administration across multiple SAP modules and systems, with a particular focus on GRC Access Control and ERP provisioning. This role requires proficiency in resolving authorization issues, managing user provisioning workflows, and ensuring compliance with both internal security policies and external audit requirements.

About the Role

The position involves managing daily SAP ERP provisioning activities, such as processing tickets, handling reassignments, and troubleshooting user-reported issues, while maintaining high service standards.

Key Responsibilities

• Perform SAP ERP provisioning tasks, including ticket resolution, reassignments, and issue troubleshooting.
• Maintain adherence to SLAs across all ticket categories.
• Execute remediation tasks such as removing inappropriate access and implementing process improvements.
• Monitor and respond to requests from the provisioning group mailbox.
• Ensure timely deactivation of user accounts and removal of access for separated employees.
• Manage and maintain employee access to Active Directory groups.
• Support SAP releases, upgrades, and system changes in coordination with other teams.
• Assist in designing and implementing secure business processes.
• Provide guidance on security governance, frameworks, policies, and Segregation of Duties (SoD).
• Collaborate with functional and technical teams to develop and implement effective security strategies.
• Support internal and external SAP audits, identifying risks and proposing mitigation strategies.
• Configure and maintain SAP GRC Access Control (AC), including risk analysis and mitigation control assignments.

Qualifications

• 4–8 years of hands-on experience in SAP Security Administration.
• Proficiency in SAP S/4HANA, ECC, BW, SRM, HANA, and BOBJ security.
• Strong expertise in GRC Access Control configuration and rollout.
• Proven ability to resolve authorization issues and handle security incidents.
• Experience with ITSM/ticketing systems and Microsoft Office tools for reporting and analysis.
• Knowledge of SAP audit processes, risk remediation, and compliance requirements.
• Ability to work independently and manage multiple priorities.
• Excellent communication and collaboration skills.

Preferred Skills

• SAP Certification in Security or GRC (an advantage but not mandatory).
• Experience working in global teams and complex SAP environments.
• Understanding of integrations with non-SAP systems or cloud-based identity provisioning tools.

Education

• Bachelor's degree in Computer Science, Information Technology, Electronics & Communication, or related fields.
• Master's degree or relevant SAP Security/GRC certifications preferred.

``

Role & responsibilities

• Adequate knowledge and understanding of trusted computer information systems, telecommunication and networking environment.
• Skills to perform technical security testing, especially vulnerability assessment & penetration tests, and should have the ability to analyse and evaluate the results.

• Should have personnel with information security related qualifications like:

• Certified Information Systems Security Professional (CISSP) or

• Certified Information Security Manager (CISM) of ISACA, or

• Certified Information Systems Auditor (CISA) of ISACA, or

• Diploma in Information Systems Audit (ISA or DISA) of ICAI or

• Diploma in Information System Security Audit (DISSA), ICMAI or

• Any other formal IT Security related qualification

• Preferably three years of experience in IT Security Auditing

• Should have carried out at least five IT Security Audits, preferably two of which should be in the last 12 months

Interested candidate can reach us to /

Roles and Responsibilities

Greetings from GRM Technologies

Providing support in IT and Cyber Risk Advisory services offered by GRM Technologies to its clients in the following domains-

Information regulatory compliance (ISO 27001, PCIDSS, RBI, SEBI, SOC1, SOC2, PCI DSS, HITRUST, GDPR)

1. Information risk management
2. Information security and information assurance
3. Information technology controls for financial and other systems
4. Identifying processes and technologies to maintain and enhance the security architecture
5. Disaster recovery and business continuity management Information privacy
6. Have a fair understanding of Business Continuity Planning and DR Drills
7. Should have conducted Information Life Cycle management reviews in the past
8. Conducting Infrastructure Vulnerability Assessment and Penetration Testing
9. Conducting Web and Mobile Application Security Assessment
10. Conducting Secure Code Review
11. Conducting Architecture Review

Should have minimum 2-5 yrs. of experience into Cyber Security, including IT Risk, Cyber Risk & Compliance, IT Audit, Vendor Audit, VAPT, Application Security, Fraud Risk & Security.

• Knowledge of information security standards, principles and practices required
• Perform risk assessment, controls and documentation with expected standards (information technology/ business process)
• Conduct Infrastructure Vulnerability Assessment and Penetration Testing
• Conduct Web Application Security Assessment
• Conduct Mobile Application Security Assessment
• Conduct Source Code Review
• Perform SOX compliance audits, SOC 1 and SOC 2 audits, as well as testing and reporting
• Perform control testing pertaining to operating systems, data base (Windows, Unix, Oracle, MSSQL, DB2)
• Should be able to test basic and automated ERP ITGC controls (SAP, Oracle, etc.)
• Ability to draft BCP/ DR policy and carry out testing of plan and procedures would be preferable
• Ability to adapt to new scope areas and technologies
• Bring in vertical expertise in at least two verticals like BFSI, manufacturing, or more
• Ability to manage client communication and escalation
• Ability to make all attempts to guide the peers and self to improve client satisfaction scores
• Participate in proposal preparation
• Understanding of risk
• Appreciation for technological innovation
• Strong organization skills
• Curiosity and eagerness to learn
• Initiative to seek out opportunities and add value
• Tolerance for ambiguity and shifting priorities; appreciation of change.
• Should have certification on CCNA / CCNP / ITIL
• Exposure into ISO 27001 is mandate

• Expertise on Endpoint Security as in DLP, AV, EDR/EPP solutions
• Experience with EDR tools (e.g., SentinelOne, CrowdStrike) and anti-virus/anti-malware solutions.
• Proficiency in analyzing and mitigating endpoint security threats and managing endpoint protection policies.
• SIEM and Incident ResponseHands-on experience with SIEM platforms (e.g., Splunk, QRadar, Microsoft Sentinel).
• Strong skills in incident response, threat hunting, and forensic investigation.
• Access and Identity ManagementFamiliarity with IAM concepts and tools, including MFA and SSO solutions.
• Experience with configuring and troubleshooting access control for network and endpoint systems.
• Automation and ScriptingBasic scripting abilities (e.g., Python, PowerShell) for automating security processes.
• Excellent analytical and problem-solving skills.
• Effective communication skills for interacting with team members and stakeholders.
• Ability to work in a fast-paced environment and handle high-stakes incidents.
• Certifications (Preferred)
• CompTIA Security+, Cisco CCNA Security, Certified Ethical Hacker (CEH), or other relevant security certifications.

Required education

Bachelor's Degree

Preferred education

Bachelor's Degree

Required technical and professional expertise

- 10 years of experience in security & infrastructure administration
- Experience on any Products for Implementation & Operations in
- SIEM, Nessus, CEH, Qualys guard, Vulnerability Assessment and Penetration Testing, Network Security, Web Application
- Expertise of handling industry standard risk, governance and security standard methodologies and incident response processes (detection, triage, incident analysis, remediation and reporting).
- have shown attention to detail and interpersonal skills and expertise to oversee input and develop relevant metrics and Competence with Microsoft Office, e.g. Word, Presentation, Excel, Visio, etc

Preferred technical and professional experience

- Ability to multitask and work independently with minimal direction and maximum accountability.
- One or more security certifications. (CEH, Security+, GSEC, GCIH, etc).

Security consultant (S4HANA & Fiori)

SAP Security Consultant with expertise in user access management, role design and compliance enforcement across SAP systems (ECC, S/4 HANA, Fiori, BW, HANA). Skilled in SAP GRC, Segregation of Duties(SoD), and audit support, ensuring compliance

Security consultant (S4HANA & Fiori)

SAP Security Consultant with expertise in user access management, role design and compliance enforcement across SAP systems (ECC, S/4 HANA, Fiori, BW, HANA). Skilled in SAP GRC, Segregation of Duties(SoD), and audit support, ensuring compliance

Security consultant (S4HANA & Fiori)

SAP Security Consultant with expertise in user access management, role design and compliance enforcement across SAP systems (ECC, S/4 HANA, Fiori, BW, HANA). Skilled in SAP GRC, Segregation of Duties(SoD), and audit support, ensuring compliance