The SAP Security Analyst under the direction of the Sr. Manager SAP COE provides primary security support for SAP S4, BW, Ariba with an emphasis on GRC (ARA and EAM). This position includes security role development, troubleshooting user access issues and reporting on and managing conflict of interests in assigned user roles. This position will oversee managed support security services..
RESPONSIBILITIES
· Experience level: 10+ years
· Develop, maintain and implement security roles and authorizations for SAP, S/4HANA, BW/4HANA, CRM, Ariba, and other SAP systems
o Maintain user ID's and security roles across development, test and production environments
o Regularly audit and review roles and assignments for segregation of duties conflicts, compliance with company policies
o Work with SAP ERP project teams to anticipate and proactively meet their implementation needs while adhering to internal controls
o Work day-to-day operational issues submitted by customers through ServiceNow and SAP GRC (SAP Access Risk and Compliance System)
o Responsibly receive, transmit, and handle consumer and customer data per applicable policies and procedures.
o Acts as a technical consultant for the business, ensuring security processes for systems align with business needs, architecture and technical standards.
o Provides security guidance and training to IT associates, business information owners and business management.
o Assists in the development and maintenance of information security policies, standards, and procedures; and assist in resolving security policy issues and implementing security procedures.
o Works closely with the Senior Security Architects to ensure security solution consistency with the enterprise architecture and strategy. This includes the review of detailed specifications for security systems and the associated design, scalability, completeness, quality and performance.
o Proactively reviews and analyzes new or proposed security systems, tools and methodologies, assessing their risk and their value in support of security strategy and corporate goals.
o Monitor and maintain security tools that control and monitor information security,
o Monitor, investigate, and report on security events and incidents.
o Stays up-to-date on relevant security trends. Develops and maintains a network of contacts that can provide information.
o Assists with the development, documentation, implementation, and communication of an enterprise-wide information security strategy and policies.
o Assists with the development, implementation, and management of security controls, processes, and policies as a result of analysis, research, and recommendations.
o On an ongoing basis, conducts security assessments and audits of SAP application portfolio to identify determine issues, weaknesses and gaps in processes and technology
o Works with all company business units, legal, and internal/external audit
o Advises on security training and awareness
o Review and follow data privacy practices, policies, and guidelines