The big question about SAP Security is whether or not it is a sustainable contracting niche in and of itself. Over the years, most Basis folks (and some ABAPpers) have acquired SAP Security skills as part of an overall skills profile. But it's becoming increasingly difficult to land an SAP Security job if you're not specifically focused on Security. I don't think you can get SAP Security jobs anymore if you've just "dabbled" in it from time to time. But on the other hand, there are some nice roles emerging for SAP Security experts like yourself. Now, let's be clear: SAP Security is not really as sexy as it sounds, at least when you compare it to the overall Security expertise that's required to secure an entire IT infrastructure from hackers and anyone else trying to break into your system. With SAP Security, you're not usually dealing with the overall task of protecting the entire enterprise and ensuring the privacy and integrity of data across the enterprise. SAP Security really comes down to one main task: authorizations. The good news for you is that managing SAP authorizations is more complex than ever, as there are more and more SAP products involved that have very different access issues. Depending on which applications are running, every SAP install has different authorizations issues, and it's a complex enough area to require focused expertise.
To better answer your specific question, I spoke with a couple of SAP staffing experts as well as a Security consultant, and they all confirmed what I mentioned here: SAP Security is still a viable niche for consultants who have focused Security expertise on multiple projects. Since you have this skills profile, one way to build on that expertise is to explore new contracting opportunities in SAP Security. The best way to find out if you if have a marketable contracting niche is simple: put your resume out there, as discretely as possible, and see what kind of offers you can generate. The offers you get (or don't get) will give you a good sense of what's out there for you. Keep in mind that this is a tough market to contract in, so you may decide to ride out your current position and test the waters again when the market improves.
Of course, SAP Security contracting is not your only career option. You seem to be approaching a fork in the road: one fork leads into increased levels of project management, and likely has you staying with your current firm and taking on more responsibilities. Another fork leads you away from your current job and into a hands-on contracting niche in SAP Security, taking on the responsibilities of managing an independent contracting career. Both are potentially viable career paths - your ultimate decision should be based primarily on the career path that you find most compelling. But keep in mind, in order to land an SAP Security contract, you'll need to put together a resume that downplays your management responsibilities and emphasizes your hands-on Security expertise. Keep in mind that if you have moved away from hands-on skills on recent projects, you'll have a hard time landing a contract, and that particular career track will not be open to you until you update your hands-on skills with the latest Security know-how.
Related Q&A from Jon Reed
I'm currently a Microsoft Trainer and an Desktop Support Technician looking for a new career path. I'm looking at SAP for it's good rates of pay as ...continue reading
I have seven years of IT experience and 4 years in SAP Portal (java, WebDynpro, iviews). Now I would like to update my skill set with another SAP ...continue reading
I have been in the IT industry for almost 15 years now. I have been a Microsoft Windows administrator, a technical consultant covering presales and ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.