• SAP Security Architect - Presales & Delivery

    DXC Technology (Richmond, VA)


    Job Description:

    DXC Technology (NYSE: DXC) helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private, and hybrid clouds. The world’s largest companies and public sector organizations trust DXC to deploy services across the Enterprise Technology Stack to drive new performance levels, competitiveness, and customer experience. Learn more about how we deliver excellence for our customers and colleagues at DXC.com.

     

    **Overview:** We are seeking a dynamic **SAP GRC Security Architect** with strong expertise in SAP Security, Governance, Risk, and Compliance (GRC), and a solid background in **presales** and solutioning. This hybrid role blends deep technical knowledge with strong business acumen, enabling you to lead solution architecture for strategic security initiatives while partnering with sales teams to support customer engagement, RFP responses, and demos.

    Key Responsibilities:

    Presales & Solutioning (30-40%)

    + Collaborate with sales, bid management, and solution teams to define and present SAP security solutions to prospective clients.

    + Lead discovery workshops to understand customer security requirements and pain points.

    + Design SAP GRC and Security architecture tailored to customer needs (across S/4HANA, ECC, SAP RISE, BTP, Fiori, etc.).

    + Prepare and deliver compelling presentations, Proofs of Concept (PoCs), demos, and responses to RFPs/RFIs.

    + Estimate level of effort and contribute to project scoping and pricing strategies.

    Architecture & Delivery (60-70%)

    + Define, implement, and govern SAP Security frameworks across the SAP landscape, including GRC Access Control (ARA, ARM, BRM, EAM).

    + Architect secure access models, role design strategies, and SOD compliance for SAP and non-SAP integrations.

    + Lead GRC implementations and security assessments, including SoD remediation and continuous control monitoring.

    + Guide deployment in SAP RISE, SAP Cloud Platform, and hybrid environments.

    + Implement best practices in user provisioning, audit readiness, and regulatory compliance (SOX, GDPR, HIPAA, etc.).

    + Act as a trusted advisor to client security teams, stakeholders, and project sponsors.

    Required Qualifications:

    + 8+ years of SAP Security and GRC experience, with at least 3 years in an architect role.

    + 2+ years of **presales** or customer-facing consulting experience, including bid support and solution presentations.

    + Deep technical knowledge in SAP GRC Access Control and security architecture across on-prem and cloud landscapes.

    + Hands-on experience with SAP role design, SoD ruleset design, user provisioning, and audit processes.

    + Familiarity with SAP RISE, BTP, and cloud security protocols (OAuth, SAML, etc.).

    + Proven ability to engage with CXO-level clients and articulate the business value of security solutions.

    Preferred Qualifications:

    + SAP Certifications (e.g., GRC Access Control, System Security, or SAP RISE Architect).

    + Experience with SAP Identity Management (IDM), CyberArk, or other IAM/PAM tools.

    + Knowledge of data masking, SAP ILM, or security in non-production environments.

    + Familiarity with industry-specific security requirements (e.g., financial services, public sector, manufacturing).

    + Understanding of frameworks like NIST, ISO 27001, or CIS Controls.

    Soft Skills:

    + Excellent communication, presentation, and influencing skills.

    + Ability to balance technical depth with business context in customer discussions.

    + Strategic thinker with problem-solving mindset and attention to detail.

    + Strong team player with mentoring and leadership capabilities.

     

    Please note: The client is in a controlled goods program environment and must comply with the International Traffic in Arms Regulations (ITAR), which mandates that all applicants be U.S. Persons.

     

    At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

     

    If you are an applicant from the United States, Guam, or Puerto Rico

     

    DXC Technology Company (DXC) is an Equal Opportunity employer. All qualified candidates will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, pregnancy, veteran status, genetic information, citizenship status, or any other basis prohibited by law. View postings below .

     

    We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the **Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters** . To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

     

    Postings link (https://mandatoryview.com/?LicenceId=c38a7700-5aa2-48a3-b95a-22e6e1fb0721&ProductType=OnlineApplicant&SubType=PG)

     

    Disability Accommodations

     

    If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email ([email protected]) .

     

    Please note: DXC will respond only to requests for accommodations due to a disability.

     

    Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here _._