IT Security Consultant (Cyber Security) - SAP Environments (Contract/Permanent) Remote/South Africa

Introduction

We are seeking an experienced Security Consultant with a strong cybersecurity background and extensive experience in SAP environments.

This is not a traditional SAP Security, GRC, or authorisation role. Instead, we are looking for a cybersecurity specialist who understands SAP landscapes and can apply advanced security principles to identify vulnerabilities, assess risk, and advise on mitigation strategies.

The successful candidate will support enterprise clients by researching SAP-related vulnerabilities, advising on defence strategies (including scenarios where patching is not immediately possible), and responding to real-world security challenges.

This is a senior, advisory and research-driven role requiring strong technical depth and the ability to translate complex threats into practical business guidance.

Employment Type: Contract (12 months, with possible renewal) OR potential permanent role.
Location: South Africa (Hybrid/Remote)

Duties & Responsibilities

Key Responsibilities

• Identify, analyse, and respond to security vulnerabilities within SAP environments
• Advise on defensive strategies, including mitigation approaches where patches are unavailable or delayed
• Research newly disclosed vulnerabilities and assess their technical and business impact
• Develop and document system hardening and risk mitigation strategies
• Produce customer-facing security bulletins summarising threats and recommended actions
• Conduct security assessments and compile detailed, actionable reports
• Triage and respond to customer security queries and emerging threats
• Support clients with both proactive security posture improvements and reactive incident-related concerns
• Collaborate with broader cybersecurity teams to align SAP-related risks with enterprise security strategies

Desired Experience & Qualification

Required Experience and Skills

• 10+ years’ experience in IT, with a strong foundation in cybersecurity
• Proven experience working with or securing SAP environments (e.g. ECC, S/4HANA, BW, Fiori)
• Background may include SAP Basis or technical SAP roles earlier in career
• Strong experience in vulnerability management, threat analysis, and risk mitigation
• Experience within large corporate or enterprise environments
• Ability to assess and respond to security risks beyond standard vendor patching
• Experience conducting technical assessments and producing high-quality reports

Preferred Qualifications / Certifications

• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• GIAC certifications (e.g. GSEC, GEVA, GPEN, GSNA)
• SAP-related knowledge or certifications (advantageous, not core focus)
• Additional cybersecurity certifications are beneficial

Key Attributes

• Strong analytical and investigative mindset
• Research-driven, with the ability to stay ahead of emerging threats
• Ability to operate in a client-facing advisory capacity
• Strong communication and stakeholder engagement skills
• High attention to detail and governance
• Excellent technical writing skills

Additional Notes

• Ideal profile: Cybersecurity specialist with prior SAP technical experience (e.g. SAP Basis)
• Experience in SAP vulnerability research, threat intelligence, or security advisory is highly desirable
• Exposure to SAP-focused security environments or organisations is advantageous
• This role is focused on cybersecurity, vulnerability management, and advisory, not SAP administration or GRC