Problem solve Get help with specific problems with your technologies, process and projects.

The next step for an experienced SAP Security consultant

I am currently a manager and I have been an SAP Security consultant with a big 4 company for the past several years. Where do you see this going and do you have any suggestions on where to go next? How can I leverage this experience? The big question about SAP Security is whether or not it is a sustainable contracting niche in and of itself. Over the years, most Basis folks (and some ABAPpers) have acquired SAP Security skills as part of an overall skills profile. But it's becoming increasingly difficult to land an SAP Security job if you're not specifically focused on Security. I don't think you can get SAP Security jobs anymore if you've just "dabbled" in it from time to time. But on the other hand, there are some nice roles emerging for SAP Security experts like yourself. Now, let's be clear: SAP Security is not really as sexy as it sounds, at least when you compare it to the overall Security expertise that's required to secure an entire IT infrastructure from hackers and anyone else trying to break into your system. With SAP Security, you're not usually dealing with the overall task of protecting the entire enterprise and ensuring the privacy and integrity of data across the enterprise. SAP Security really comes down to one main task: authorizations. The good news for you is that managing SAP authorizations is more complex than ever, as there are more and more SAP products involved that have very different access issues. Depending on which applications are running, every SAP install has different authorizations issues, and it's a complex enough area to require focused expertise. To better answer your specific question, I spoke with a couple of SAP staffing experts as well as a Security consultant, and they all confirmed what I mentioned here: SAP Security is still a viable niche for consultants who have focused Security expertise on multiple projects. Since you have this skills profile, one way to build on that expertise is to explore new contracting opportunities in SAP Security. The best way to find out if you if have a marketable contracting niche is simple: put your resume out there, as discretely as possible, and see what kind of offers you can generate. The offers you get (or don't get) will give you a good sense of what's out there for you. Keep in mind that this is a tough market to contract in, so you may decide to ride out your current position and test the waters again when the market improves. Of course, SAP Security contracting is not your only career option. You seem to be approaching a fork in the road: one fork leads into increased levels of project management, and likely has you staying with your current firm and taking on more responsibilities. Another fork leads you away from your current job and into a hands-on contracting niche in SAP Security, taking on the responsibilities of managing an independent contracting career. Both are potentially viable career paths - your ultimate decision should be based primarily on the career path that you find most compelling. But keep in mind, in order to land an SAP Security contract, you'll need to put together a resume that downplays your management responsibilities and emphasizes your hands-on Security expertise. Keep in mind that if you have moved away from hands-on skills on recent projects, you'll have a hard time landing a contract, and that particular career track will not be open to you until you update your hands-on skills with the latest Security know-how.

Dig Deeper on SAP security