SAP GRC and Cloud Security Specialist

About The Position

Requirements

• Bachelor’s degree in computer science or related field; or equivalent work experience.
• Minimum 7 years of relevant experience in SAP Security (including Fiori) with two (2) implementation projects in SAP required.
• Minimum 3 years of experience in SAP GRC (EAM, ARM, BRM, Ruleset, etc) required.
• One implementation in SAP on GCP highly preferred.
• Minimum 1 years of experience in Cloud Security preferred.
• SAP HANA Database Security experience preferred.
• SAP Security, SAP GRC and GCP Cloud certifications are preferred.

Nice To Haves

• Strong knowledge of SAP products like S/4hana, HANA, Fiori, PO, SolMan, BODS, ASE etc.
• Extensive knowledge of SAP security concepts, including authorizations, roles, and data access control.
• Ability to lead critical issues involving SAP on GCP, Fiori with S/4hana and SAP HANA.
• Knowledge of GCP Cloud security tools and IAM (Identity and Access Management) and access controls.
• Strong analytical and problem-solving skills to identify, diagnose, and resolve security issues.
• Knowledge of Cloud Security Principles and compliance frameworks.
• Familiar with JSOX and GXP compliance and regulations.
• Good understanding on SAP security fundamentals and authorization concepts.
• Ability to take ownership of work activities and take it to conclusion in a timely and efficient manner.
• Effective communication, both written and verbal, with technical and non-technical multi-functional teams spread across regions.
• Willingness to learn new skills/techniques/processes.

Responsibilities

• Provide solution and approach as per the Business Requirements.
• Contribute with the development of the SAP Security Strategy that is well-designed, practical, and appropriate to support multiple SAP products, projects, and user requirements.
• Independently deliver the security strategy for ongoing projects and deliver an SAP security strategy.
• Conduct gap analysis and assessments to bring up improvement in SAP and Cloud Solutions.
• Develop and implement SAP security protocols, including user access controls, roles, and authorizations.
• Design and configure security in SAP S/4HANA, Fiori, SOLMAN, PO & GTS to meet the company’s security requirements.
• Work with SAP COE Leader, Project Team and Core Business Team for the successful design, configuration, unit testing, integration testing and user acceptance testing of the SAP S/4HANA.
• Design and implement GRC Access Control.
• Assist project manager in security governance projects and manage daily security tasks.
• Collaborate with other IT teams, business stakeholders, and external vendors to integrate security into overall IT strategy and projects.
• Configure and check the SAP and GCP Cloud configuration for Audit log and the retention policy associated with it and made sure it is compliant as per our Company’s requirement.
• Manage and maintain GRC tool and applicable policies and procedures.
• Create and test the Security Test Scripts to achieve the sanity checks from Security Objects perspective in different SAP systems.
• Work with other Process Team(s) in development and execution of the cutover activities.
• Document the role design, security approach and road maps for new SAP and Cloud solutions.
• Implement automated ways of working using RPA and scripting to improve the turnaround time and quality of work.
• Adhere to the company’s procedure (ITSM, CHARM, etc.) for user management and role management.
• Meet the SLAs for incident and enhancements.
• Respond to security incidents, investigating breaches, and implement and coordinate corrective actions.
• Troubleshoot issues across multiple SAP and Cloud products and peripheral software.
• Collaborate with various process areas like RTR, OTC, LWM, STP, FTP, QBM, PM, Basis, DATA and Developer to provide a solution for their requirements.
• Develops value adds, automations and process improvements for the team’s efficiencies.
• Create and provide training and support to internal teams and users on SAP security best practices and procedures.
• Proactively monitor the SAP and Cloud applications for security breaches and anomalies.
• Create and maintain quality documents for Standard operating procedures and work instructions.
• With the understanding of the business processes, identify SOD risks and business impacts and work with appropriate parties to address issues and resolve the risk.
• Perform security audits, monitoring system logs, and ensuring compliance with industry regulations and internal security policies.
• Ensure compliance with industry standards and regulatory requirements for SAP security.
• Run regular SOD and BCA analysis at Business role & Business user level and mitigate the risks.
• Understand the IT controls and monitor it as per our Company’s Risk and Control Matrix.
• Work with the external and internal audit team to trigger the various controls and make sure that the controls are effective and up to date.

Benefits

• Annual bonus
• Paid vacation
• Paid holidays
• Health, dental and vision benefits
• 401(k) with matching contributions
• Tax advantage savings accounts
• Legal plan
• Voluntary life and AD&D insurance
• Voluntary long-term disability
• Short term disability
• Critical illness and accident insurance
• Parental leave
• Personal leave
• Tuition reimbursement
• Travel assistance
• Employee assistance program