Looking for a role where you can specialize in SAP application security and role design while supporting the further development into other major technologies such as Oracle Netsuite and Microsoft Business Central? Join BDO to advise organizations on SAP role design (ECC & S/4HANA), segregation of duties (SoD) rulebooks and analyses, user/role remediation, and IT/process controls. Work with experienced colleagues, and grow quickly within a
collaborative culture.
What will you be doing?
As an SAP Application Security Consultant at BDO, you will:
1. Lead SAP role design and role optimisation for ECC and S/4HANA environments.
2. Design and maintain SoD rulebooks, perform SoD analysis and support remediation plans.
3. Drive user- and role-remediation programs (identification, prioritisation, remediation tracking, validation).
4. Assess SAP access-related IT and process controls; design and implement compensating or preventive controls.
5. Support policy, process, and control documentation for SAP access, and help define operating models for access governance.
6. Conduct interviews, review artefacts, run tooling analysis (SoD engines), and present findings to stakeholders.
7. Support security risk assessments, compliance initiatives (., NIS2/DORA implications for access controls), and audits relevant to SAP access.
8. Contribute to proposals, client workshops and capability build-out within the practice.
9. Take ownership of continuous improvement and business growth by identifying opportunities for automation, service expansion and knowledge transfer;
10. Mentor junior staff and lead client engagements to expand the team’s offerings and
impact.
What do you bring to the table?
11. Proven experience and knowledge in SAP role design and user assignment for ECC and S/4HANA (minimum expectation).
12. Strong background in SoD rulebook creation, SoD analysis and pragmatic risk tuning.
13. Hands-on experience delivering user & role remediation programs in large organisations.
14. Knowledge of IT and process control frameworks and ability to translate access risks into controls and tests.
15. Familiarity with security frameworks (ISO 27001, NIST CSF) and regulatory drivers (., NIS2, DORA) is advantageous.
16. Strong analytical and communication skills; able to present findings to technical and executive stakeholders.
17. Project delivery mindset: able to plan remediation sprints, manage dependencies and track outcomes.
18. Degree in computer science, information security, engineering, business or equivalent experience; 1/2-5 years relevant experience (or stronger for senior roles).
19. Willingness to obtain relevant certifications (., CISSP, CISM, CISA, SAP GRC-related certs).
20. Fluency in English; French or Dutch
What do we bring to the table?
According to our own colleagues, it’s got something to do with the great team spirit and atmosphere within our organization and the focus on their wellbeing… But hey, just take a look for yourself at what we got to offer
21. Culture: you will join a team of experts who encourage respect, diversity and teamwork.
22. Development: you decide the direction of your career, and we support you, where necessary.
23. Impact: from day 1 you will be given responsibility, with support from your team.
24. Growth: you get access to a whole range of training courses through our BDO Academy.
25. Network: you can work on different projects and clients, across business practices.
26. Flexibility: you choose where you work with flexible working hours.
27. Wellbeing: your physical and mental health is important to us.
28. Proximity: you work in an open culture, so feel free to speak to anyone, at any level.
29. Salary: you receive a competitive salary package with interesting benefits.
30. Sustainability: you work within a company with an integrated sustainability policy.
Ready to specialise in SAP Application Security at BDO? Apply now and help our clients secure their SAP landscapes while advancing your career.