SAP Security Analyst

Job Description

We seek a seasoned SAP Security and Access Controls professional for this position. In this position, you will be responsible for working with other SAP Security team members to review and process day-to-day security requests as well as contribute to the design and strategy for configuring and operating the company’s security and user access framework consistently across the SAP production landscapes and non-production landscapes.

This position will be important as we continue to build on top of our recent SAP implementations (ECC6, S/4HANA Simple Finance, CRM, Convergent Charging, BW, APO, Fiori and GRC) and refine the business ecosystem and SAP landscapes to deliver greater competitive capabilities and build corporate value.

Duties & Responsibilities:

• Work closely with SAP Security team members, peer IT groups and the business community to operate and maintain a responsive, reliable and secure SAP application user access service
• Provide production support for existing security roles and functions. Triage issues that occur with end-users for role authorizations and associated T-codes. Provide consultative support and solutions to the business that meet their functional requirements while adhering to the principle of least privilege
• Comply with industry best practices for change management, user provisioning, and privileged access. Uphold corporate security guidelines including Separation of Duties (SoD) and Sarbanes-Oxley (SOX) requirements during role design and modification activities
• Partner with business process owners to align SAP roles with business requirements
• Perform SAP GRC configuration and use SAP GRC to analyze access and provide emergency access to authorized individuals
• Perform Segregation of Duties (SoD) analysis in GRC on roles during development projects
• Work with internal audit and the SOX IT Compliance Manager to evaluate Segregation of Duties conflicts and consult with business units in reducing the SoD conflicts
• Participate in SAP audit discussions and help resolve the SoD/SOX issues. Contribute to developing remediation strategies for SAP security-related audit exceptions and SoD issues
• Collaborate with team members on authoring processes, standards, and policies related to the implementation and use of SAP
• Perform data collection and request fulfillment to support internal and external audit activates
  Skills & Requirements:
• BS or MS in computer science or related field
• Minimum of 4 years of hands-on experience implementing and maintaining SAP security concepts and strategies (role design, profile generation, authorization objects, etc.) and operational administration (PFCG role maintenance)
• Demonstrable understanding of the functional components of ECC and CRM; as well as the inter-dependencies of cross module transactions between the systems.
• Experience mitigating the risk associated with segregation of duties conflicts, access to sensitive data and internal controls vulnerabilities
• Expertise with SAP GRC 10.x access controls including ARA, ARM and EAM/Firefighter
• Conceptual understanding of Java security concepts
• Familiarity with managing access and controls for S/4HANA Simple Finance, Hana-live and Fiori components is a big plus
• Willingness to learn new technology
• Occasional weekend and off-hours support

Physical Requirements

• Might be in a stationary position for a considerable time (sitting and/or standing).
• The person in this position needs to move about inside the office to access file cabinets, office machinery, etc.
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.
• Must be able to collaborate with colleagues via face to face, conference calls, and online meetings.

#LI-CB1