SAP Security Team Lead
Position Functions or Responsibilities:
As an SAP Security Team Lead you will have direct, client-facing engagement responsibilities, serving as both role model and lead. You will demonstrates the attributes of excellent client service and assists team members in developing technical and professional competency handling SOX related issues and Internal IT Controls. You will learn to identify areas of IT risk in the client environment and opportunities to help them to improve compliance & security, and business processes.
In this role, you will:
- Analyze & understand the current Roles and Access Restrictions from an Audit stand-point and synchronize with existing SAP GRC Access Control to provide a Risk-free environment.
- Maintain, manage and monitor compliance with the SAP IT Security framework; track Internal Security Control (ISC) gaps and exceptions for the global IT control environment.
- Provide expertise on Compliance and Controls to meet the compliance reporting requirements.
- Perform ongoing maintenance of the software configuration within GRC 10.1 application.
- Supervise the SAP Security team to provide operational and technical security support for the business and serve as a technical mentor within the team to meet the defined objective
- Develop and Implement SAP security policies, processes, architecture, training, and communications. This function includes identifying security solutions, implementing standards and best practices, proactively identify and remediate vulnerabilities, and other activities.
- Responsible for SAP ERP, SAP BW, SAP PI, SAP GRC, Implementation in accordance with SAP Security Strategy and Administration/Troubleshooting the complex SAP Security Issues.
- Provide expert knowledge of SAP security design for operational and technical support. Design and maintain SAP security authorization objects and security settings across SAP applications (ECC, BW/BOBJ, CRM, SRM, etc.) to ensure integrity of the SAP User access security framework.
- Responsible for the coordination of regular review of user access on monthly super user review, monthly and quarterly critical role review and quarterly user account review.
- 10+ years of SAP security and GRC experience working on R3/ERP/ECC environments including 3 years of experience with Access Control.
- 5+ years of GRC 10/10.1 implementation experience, with a good understanding of SAP security concept specifically for GRC-Access Control and Process Control Modules.
- 3+ SAP Security full life cycle implementations.
- Possess knowledge of large and small SAP Security deployments within an organization and demonstrate the ability to serve as a lead for all initiatives and projects.
- Hands-on, in-depth knowledge of SAP Security concepts across ECC, BI/BW, BOBJ, CRM, etc.
- Familiarity with role and user administration in SAP
- SAP formal training in handling roles and user identities in HANA, S4HANA, etc.
- Good understanding of project management and quality assurance principles including familiarity with prevalent tools such as Remedy, HPQC, MS-Project, Visio, etc.
- CISA, CISSP, SAP GRC certifications will be a plus.
- 10+ years of SAP security and GRC experience working on R3/ERP/ECC environments including 3 years of experience with Access Control
- 5+ years of GRC 10/10.x implementation experience, with a good understanding of SAP security concept specifically for GRC-Access Control and Process Control Modules.