IAM Engineer

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Position Summary

As a (Mid-Level) SAP Security Engineer, you will be responsible for security operations of ERP systems, implementing and maintaining security roles, authorizations, and controls across our SAP environment. You will collaborate with cross-functional teams to support compliance initiatives, manage user access, and proactively identify and mitigate security risks.

Key Responsibilities

• Provide operations support for SAP security services, service requests, incidents and troubleshooting access issues
• Design, implement, and maintain SAP security roles and authorizations across modules (ECC, S/4HANA, BW, Fiori, etc.)
• Perform user administration and role assignments using SAP GRC Access Control (ARM, ARA, BRM, EAM)
• Conduct periodic access reviews, segregation of duties (SoD) analysis, and remediation
• Collaborate with audit and compliance teams to support internal and external audits
• Monitor SAP systems for security vulnerabilities and apply necessary patches or configurations
• Assist in the development and enforcement of SAP security policies and procedures
• Stay current with SAP security best practices and emerging threats

Required Qualifications

• Bachelor’s degree in Computer Science, Information Systems, or related field
• 3–5 years of hands-on experience in SAP security administration
• Strong understanding of SAP authorization concepts and user management
• Experience with SAP GRC Access Control (ARM, ARA, BRM, EAM)
• Experience with SAP S4 Security, securing a complex ERP suite, its integrations, cloud deployments, and advanced features including:
•  Securing Fiori applications & user experience, role design, trouble shooting and managing access across apps
• Application Security: Understanding secure coding practices, especially for custom ABAP code, and implementing security measures within S/4HANA applications
• Experience with SAP HANA DB security, including user and role management, privileges, and auditing
• Demonstrated experience with SOX and SOC compliance requirements
• Experience managing Segregation of Duties (SoD), SOX, SOC, and IT General Controls
• Proficient troubleshooting, problem-solving skills, and data analysis skills (e.g., user, role, and authorization level)
• Experience with integration of Identity Governance A tools like SailPoint
• Excellent communication skills
• Ability to work independently and in a team-oriented environment

Preferred Skills

• Knowledge of SAP Fiori security
• Exposure to cloud-based SAP solutions (e.g., SAP BTP, Ariba)
• SAP Security certification is a plus
• Experience with JD Edwards E1 security is a plus
• Familiarity with GDPR and other data privacy regulations

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations.  In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. 

Our Base Pay Range for this position