SAP GRC or SAP, S4/HANA Security Expert

Job Description

About Atos

Atos is a global leader in digital transformation with over 110,000 employees in 73 countries and annual revenue of over € 11 billion. European number one in Cloud, Cybersecurity and High-Performance Computing, the Group provides end-to-end Orchestrated Hybrid Cloud, Big Data, Business Applications and Digital Workplace solutions. The group is the Worldwide Information Technology Partner for the Olympic & Paralympic Games and operates under the brands Atos, Atos Syntel, and Unify. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index.

The purpose of Atos is to help design the future of the information technology space. Its expertise and services support the development of knowledge, education as well as multicultural and pluralistic approaches to research that contribute to scientific and technological excellence. Across the world, the group enables its customers, employees and collaborators, and members of societies at large to live, work and develop sustainably and confidently in the information technology space.

Your role in Atos - Job Description

SAP GRC or SAP, S4/HANA Security Expert is a strong technical position which will support the various on-site or remote Atos customer’s SAP, S4/HANA, SAP GRC information security, cybersecurity projects on various project life cycle and maturity assessment. You may also support broader customer’s ERP environment related cyber security risk assessment, which SAP, S4/HANA, SAP GRC security may be an integral part. You will work directly with various customer’s SAP teams to design, build or deploy SAP security by respective configuration, development of tooling to automate and scale SAP security testing capabilities to support prototyping and development processes.

Moreover, you may work with customer’s SAP, S4/HANA, SAP GRC to ensure that critical workflows have effective and appropriate security detection and response capabilities based on various amounts of data to detect and prevent SAP security attacks. You may support customer’s SAP development or R&D centers implementing “security by design” concept or assisting in eliminating currently identified customer’s SAP or boarder ERP systems environment cyber risk exposure. You may also advise and participate in implementation of SAP security in general, including but not limited to SAP GRC application deployment in customer environment, assisting in technical support for installation and configuration.

As SAP security advisors, you may review the customer’s current business processes and ERP environment, define the new business processes and system requirements to be implemented, configure and implement the SAP security requirements to support the updated customer’s information security policy or business processes, and assist with knowledge transfer and training of end-users. The SAP Security Consultant may also provide administration services related to the design, installation, administration, testing and on-going maintenance of SAP GRC, SAP HANA S/4.

You may be also responsible for designing and implementing business processes and controls clients SAP on-premise and Cloud environment(s), including SAP S/4 HANA, GRC, Identity, and cybersecurity. Implementation expertise in Successfactors, Ariba, Concur and C4C Security and its integration with SAP Core or creating customize roles in HANA Database Developers, Modelers, Technical Administrators, Power and End Users.

Exemplary responsibilities on the dedicated SAP, S/4 HANA, SAP GRC cyber security project may include:

• Advising on application security requirements gathering and analysis for an SAP ECC, BW, GRC system, Solution Manager, PI
• Deployment of SAP solution specific Security measures, i.e.: SAP R/3 security, GRC, BW/BI, HR, FI, Portal security etc.
• Advising cross-functionally to develop SAP role security requirements, SoD Matrices to complete end-to-end accounting and financial business processes
• Checking SAP Infrastructure feasibility from security perspective (i.e. Portals exposed to internet or extranet work closely with network providers for firewall security, VPS etc.)
• Elaboration of SAP security guidelines, access policies, disaster recovery plan, business continuity roadmap
• Participation in application integration for example: LDAP, IDM, SAP UME, shared directories etc.
• Checking for possible backdoor access vulnerabilities (i.e. open RFCs, function modules like ping_rfc)
• Identify access control process improvements and confirm audit compliance
• Elaboration of System Landscape Concept - Hardware and Software specifications (close cooperation with BASIS or DBAs)
• Installation of Software Components (NW and GRC Components and the installation of SAP Backend Components like Real Time Agents and the post-Installation configurations)
• Post-Installation and Basic Configuration, creation of connectors and additional basic configurations
• Conduction of Workshops for Risk Creation and Ruleset customizing
• Implementation of Custom Defined Rules in the Application
• Test of Applications
• Conduction of Workshops for Approval Methodology and Workflow Use Cases
• Conduction of Workshops for Superuser Role Usage and Management of Superuser
• Role Change and Creation Workshops in GRC ERM.
• Preparation of Documentation and Delivery of Custom Concepts for Compliant User & Role Administration
• Handling of Errors or Issues.

What Are We Looking For / Essential skills and competencies:

• Master's degree in Computer Science, Engineering, or related field or equivalent work experience
• SAP Security / SAP GRC or Security of S/4 HANA experience (High-performance Analytic Appliance (HANA) Database security analytic authorization)
• Experience implementing security and controls on Fiori Artifacts (attribute views) native HANA, and S/4 HANA.
• Ability to fully configure SAP’s security framework and SAP’s Access Control specifically in Access Risk Analysis (ARA), Access Request Management (ARM), Emergency Access Management (EAM), and Business Role Management (BRM) modules.
• Understanding and implementation knowledge of SAP GRC Access Control Suite 10.x
• Migration/upgrade experience from earlier GRC versions to GRC 10.x
• Good understanding of SOX compliance laws, SOD conflict issues
• Excellent customer service and communication (oral / written) skills required.
• Must be able to work independently or with a team, under minimum supervision, reporting to Project Manager of given assignment or Line Manager.
• Fluent English is a must, Intermediate or Fluent German or French is a great plus
• International mobility to serve our global clients and work with our global clients (50-100%) Europe or other continents. You accept readiness to travel up to 80-100% on average 60% also there are remote projects dependent on the assignment, mainly Europe but other continents are also possible.
• EU work permit is a must, US visa is a plus
• UK Security Clearance or UK citizenship – is a big plus
• Location - anywhere in Poland close to an international airport.

We offer work in an international environment, a competitive salary package, relocation bonus (according to the internal procedures), private medical care, life and disability insurance. Learning & Development / Coaching and mentoring sessions.

Are you keen to use your experience within a company that is committed to supporting career development? Don’t hesitate, join us, develop your talent and take advantage of career opportunities within Atos Consulting !

We take care of your personal data privacy. More information about processing your personal data within recruitment process you can find on our website: https://atos.net/pl/polska/gdpr