Senior SAP SECURITY ANALYST

Required Skills/Qualifications:

 

  • The Senior SAP Security Analyst will be responsible for SAP Security access and user access controls for the global instance of SAP for an international company with locations in over thirty countries.
  • This individual will work closely with the SAP functional teams and the hosting partner in architecting, designing, implementing and governing the SAP security framework.
  • Candidate should have 7-10+ years of hands-on relevant SAP system support experience with design, implementation methodologies and administration with a minimum of five implementations
  • Deep technical knowledge of key SAP Security areas:
  • Knowledge of SAP modules (SD, PM, PLM, MM, PP, PS, FI, CO, BI) and SAP structures, configuration standards, object dependencies and tables
  • Extensive experience in various SAP Security models as ECC, BW, Portal/IDM, and GRC 10.0 or higher
  • BPC, FIORI, JAVA, HANA, and UI5 experience preferred
  • Research and implement security notes, upgrades, legal/compliance patches, deployments and enhancements
  • Must have the ability to evaluate business risks associated with security role design, implement appropriate controls to address those risks and provide recommendations on ways to simplify and streamline the security design

 

Position Responsibilities:

 

  • Serve as the SAP Security subject matter expert
  • Able to communicate effectively with business users at all levels of the organization as well as SAP technical and functional team members
  • Adherence to SOX controls and standard operating procedures
  • Able to lead all security activities related to internal and external SAP security audits independently
  • Recommend and develop security measures to protect information against cross authorization issues and business risks
  • Work with business and project teams to troubleshoot issues with security objects to identify and implement appropriate solutions
  • Identify the risks in business process and providing remediation/mitigation solutions and customized solutions to automate the business process
  • Design and build security roles and authorizations and run segregation of duties checks
  • GRC Access Control 10.x minimum with 12.0 preferred – Access Risk & Analysis, Emergency Access Management, Business Ruleset Management
  • Configuration of the GRC rule sets (SOD), authentication/authorization/emergency access and access recertification based on business needs, industry best practices, and regulatory requirements
  • Segregation of Duties (SOD) reviews using SAP GRC and remediation Job profile includes: Analyzing SOD violations through SAP GRCs Access Control (AC) module. Highlight and discuss violations with role owners / business users for remediation Identify and assign mitigating controls to violations that cannot be remediated
  • Designs and implements workflows
  • Monitoring activities such as UAR reviews, Critical permissions, Segregation of Duties, Firefighter Log Reviews
  • Job scheduling and integrations with SAP
  • Provides daily production support for various SAP systems as needed including but not limited to:
  • User provisioning such as user profile management
  • Role management
  • SOD simulations
  • GRC Firefighter setup
  • Locking/unlocking/password resets
  • Trace analysis and troubleshooting authorization issues
  • Addition of standard and custom transaction roles

 

Additional:

 

  • Bachelors or Master preferred
  • Travel is not required
  • There will be occasional requests to work US hours for one to two weeks in duration (i.e., in support of a go-live or production deployment event)
  • Strong verbal and written communication skills
  • Extreme attention to detail and meticulous record keeping for audit purposes

Apply Now