Specialist - SAP - Security

As CohnReznick grows, so do our career opportunities. As one of the world’s top professional services firms, and in support of our global workforce strategy, we’re growing our operations in India! We create rewarding careers in advisory, assurance, and tax with team members who value innovation and collaboration in everything they do!

CohnReznick helps organizations optimize performance, manage risk, and maximize value through CohnReznick LLP (assurance services) and CohnReznick Advisory LLC (advisory and tax services). Together, the firm provides leaders with deep industry knowledge and relationships, solutions to address clients’ unique business goals and risks, and insight on how emerging market forces can drive opportunity. With offices worldwide, the firm serves organizations around the world as an independent member of Nexia.

We currently have an exciting career opportunity for a Specialist/Senior Specialist to join the SAP team in our GDC practice.

CohnReznick is a hybrid firm and most of our professionals are located within a commutable distance to one of our offices. This position is considered remote which means it does not require job duties be performed within proximity of a CohnReznick office location. However, as a remote employee, you may be required to be present at a CohnReznick office with scheduled notice for client work, team meetings, or trainings.

YOUR TEAM.

Summary: The SAP S/4HANA Public Cloud Security Administrator is responsible for managing, maintaining, and optimizing all security‑related functions of the SAP S/4HANA Public Cloud ecosystem. This role ensures the integrity, confidentiality, and availability of systems through proactive access control, risk mitigation, continuous improvement, and alignment with regulatory and audit requirements.

WHY COHNREZNICK?

At CohnReznick, we’re united by a common mission to create opportunity, value, and trust for our clients, our people, and our communities. Whether it’s working alongside your peers to solve a client challenge, or volunteering together at the local food bank, there are so many ways to find your “why” at the firm.

We believe it’s important to balance work with everyday life – and make time for enjoyment and fun. We invest in a robust Total Rewards package that includes everything from generous PTO, a flexible work environment, expanded parental leave, extensive learning & development, and even paid time off for employees to volunteer.

YOUR ROLE.

Responsibilities include but not limited to:

• Design, configure, and maintain business roles, catalogs, groups, and spaces within SAP S/4HANA Public Cloud.
• Manage user lifecycle processes: provisioning, de‑provisioning, access changes, and periodic reviews.
• Implement and maintain least‑privilege access across S/4HANA Public Cloud, BTP, IAS/IPS, and integrated applications.
• Troubleshoot and resolve authorization errors and security incidents.
• Ensure consistent application of SAP Public Cloud guardrails.
• Coordinate and maintain security integrations with IAS, IPS, BTP, and Azure AD.
• Oversee secure communication and authentication settings across API‑based and cross‑application integrations.
• Support identity‑related components for integration with functional modules.
• Drive process improvements and automation across access management and security workflows.
• Reduce manual tasks through scripting, workflow tools, or identity automation capabilities.
• Strengthen processes for SoD mitigation, risk assessments, and audit responses.
• Lead and support internal and external audits related to SAP security controls.
• Ensure compliance with GAAP, IFRS, SOC, GDPR, and internal policies.
• Maintain detailed documentation of roles, controls, changes, and access procedures.
• Perform regular access risk reviews, SoD analysis, and control testing.
• Monitor SAP quarterly releases for security‑related changes and ensure readiness.
• Monitor system performance and security health indicators.
• Provide user support and training related to access and security best practices.
• Serve as a backup to team members as needed.
• Participate in projects involving upgrades, M&A, vendor onboarding, and enhancements.
• Document system configurations and procedures for future reference and compliance.
• Lead system audits and compliance checks to meet regulatory requirements.
• Collaborate with cross-functional teams to integrate SAP S/4HANA Public Cloud systems with other business applications.
• Monitor all upcoming changes being deployed by SAP. Work on testing plans and keeping senior staff updated on upcoming changes.
• Execute UAT and tasks for Upgrades, Mergers and Acquisitions, Vendor Coordination, and other associated projects.
• Serve as backup to other team members to backfill during peak periods, PTO, etc.

YOUR EXPERIENCE.

The successful candidate will have:

• At least 3 to 5 years’ experience with SAP S/4 Hana Public Cloud Security with a focus on financial accounting or professional service organizations.
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
• SAP S/4HANA Public Security or SAP BTP certifications preferred
• Strong analytical and problem-solving skills to address system issues effectively.
• Excellent communication and teamwork abilities to collaborate with various stakeholders. Experience working in a global team environment.
• Deep understanding of IAM principles, role design, and SoD.
• Experience with IAS, IPS, Fiori security, and SAP BTP.
• Ability to manage multiple projects simultaneously to meet business demands.
• Lead meetings by setting clear objectives, driving focused and collaborative discussion, and ensuring accountability for timely completion of action items.

Required Knowledge and Skills:

• Comprehensive knowledge of SAP S/4HANA Public Cloud security architecture.
• Expertise in designing, configuring, and maintaining SAP roles and authorizations to protect system integrity.
• Experience with IAS/IPS identity services.
• Familiarity with SAP BTP security models.
• Strong troubleshooting skills. This includes what is an incident versus what is a defect.
• Experience with SAP Cloud ALM and SAP Activate.

In addition, please take a moment to review our Universal Job Standards.

Studies have shown that we are less likely to apply to jobs unless we meet every single qualification. At CohnReznick, we are dedicated to building a diverse, equitable, and inclusive workplace, so if you’re excited about this role but your experience doesn’t align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or one of our other roles.

"CohnReznick" is the brand name under which CohnReznick LLP and CohnReznick Advisory LLC and their respective subsidiaries provide professional services. CohnReznick LLP and CohnReznick Advisory LLC (and their respective subsidiaries) practice in an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations, and professional standards. CohnReznick LLP is a licensed CPA firm that provides attest services to its clients. CohnReznick Advisory LLC provides tax and business consulting services to its clients. CohnReznick Advisory LLC and its subsidiaries are not licensed CPA firms.

CohnReznick is an equal opportunity employer, committed to a diverse and inclusive team to drive business results and create a better future every day for our team members, clients, partners, and communities. We believe a diverse workforce allows us to match our growth ambitions and drive inclusion across the business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

#LI-