SAP Security

• Strong knowledge and experience of initial GRC Access Control 10/10.1/12 configuration,
• Fully conversant with Business Rule Framework, BRF .
• Very Strong knowledge and experience of configuring GRC 10/10.1/12 AC Components (ARA, EAM, ARM, BRM).
• Knowledge of creating / reviewing existing Custom Ruleset (Rule Building), identifying improvements, opportunities, and remediating identified violations
• Knowledge to configure GRC AC 10/10.1 MSMP Workflows, mitigation controls and Reporting(Risk Analysis, EAM logs, mitigation control etc).
• Firefighter management/monitor, super user management.
• Has a thorough understanding of compliance (SOX), IT general controls and security requirements.

• Detailed knowledge of SAP Authorization concepts in an Enterprise environment (Single/Composite roles and role derivation), securing custom development transactions, maintaining SU24, understanding critical transactions/objects and design concepts.
• SAP security technical skills, covering the main functional areas and Basis components. Provides functional and configuration support in designing SAP authorizations and roles.
• Develops SAP roles and profiles to minimize business risk and ensure clear Segregation of Duties.
• Understands the business processes and applies that knowledge to develop SAP access controls and solve user access problems.
• Understands dependencies and interrelationships between separate functional modules and SAP systems.
• Participates in user access requirements gathering, blueprinting and documentation.
• SAP Security Level documentation/periodical system monitoring.
• Assists in initial testing of problem fixes, change request, enhancements, and new functionality.
• Works with the Service Desk and other support teams to facilitate incident and problem resolution.
• Experience of supporting user access across multiple SAP modules and SAP systems.
• Ability to coordinate and work with peers and cross functional team (Functional. Developers, BASIS, etc.) in a flexible work environment.
• Participate in internal and external audits, working with audit teams to ensure appropriate control and monitoring are in place to support our business.
• Develop and maintain security processes to ensure compliant, efficient and timely approval of access throughout the SAP landscape.

Minimum Qualifications: (List the minimum qualifications and experience this position requires. Only list those areas that are essential to this position. Be as specific as possible, i.e. Bachelors degree in Chemical Engineering, 5 - 7 years relevant work experience).

• Bachelors degree ( prefer Computer Science or related field )

• 4 years of Governance, Risk, and Compliance (GRC) solutions in Access control (10.1), certification preferred.
• 5 years of SAP experience with SAP authorizations (ERP and HANA) as a consultant or worked in a customer facing environment (Internal or External).
• Experience of working with Internal and External Audit - SAP security audit skills.
• 2 GRC project lifecycle implementation experience is preferable.

Position Competencies (include behavioral characteristics and leadership capabilities)

• Excellent communication (written and oral) and strong interpersonal skills.
• Comfortable working in a team and independently.
• Be pro-active and take initiative and encourage teams to do the same.

• Strong organizational, multi-tasking, and time-management skills.
• Takes responsibility for quality of work performed.
• Ability to translate technical language to non-technical colleagues.

Other Requirements (include culture, fit and values)

• Exposure to ITIL Framework.
• Understands and applies Best Practice methodologies and procedures.
• Awareness of Information Security principles.