Job Details

  • Title: SAP Security Analyst
  • Code: RCI-1762-1
  • Location: Blairstown, NJ 07825
  • Posted Date: 11/22/2021
  • Duration: 3 Months
Talk to our Recruiter

  Job Description

1st Shift/Day - 5 x 7

CBI Job Family: Information Technology

Position Summary

  • The Sr. SAP Security Analyst is part of the CBI IT Controls and Compliance Team and is responsible for supporting all aspects of security for CBI’s SAP environment and integrations with SAP GRC Access Control and Process Control.
  • This position will be responsible for maintaining the security role design and access controls over a complex SAP landscape, that includes S/4Hana, Fiori, BOBJ, Hana Database, Enterprise Hana, SAP Ariba, IBP, SAP Cloud Essentials, SAP IAG, and other SAP applications.
  • This role will proactively collaborate with various constituents across product teams, business functions, information technology and information security to sustain a secure and compliant environment that meets the business needs and priorities.
  • This role requires a high level of competency in SAP security configuration, of roles, transaction codes, authorization object and Fiori applications and a strong understanding of SAP Ariba, Business Objects (BOBJ), BPC and SAP GRC.
  • In addition, this role will execute and support key IT general controls over the environment including access controls over critical actions, SOD and supporting ruleset design.
  • The individual will develop and mature internal security compliance monitoring activities and IT internal control procedures to support audits.
  • The position requires security administrative experience in SAP S/4HANA, Fiori, SAP Cloud Essentials, SAP GRC Access Control including ARM, UAR, ARA, BRM and EAM and SAP GRC Process Control.
  • The ability to analyze and troubleshoot complex technical issues and a strong understanding of regulatory compliance and security best practice is necessary along with SAP software knowledge and working experience with security roles, transactions, objects, and authorizations.

 

Responsibilities

  • As an SAP security expert, participate in the enhancement and support of S/4HANA, Fiori, Cloud Essentials, and SAP GRC (Governance Risk & Compliance) Process Control and Access Control modules including ARA, ARM, BRM and EAM

Ability to work collaboratively and support product teams, including:

  • Application Development for assessing security requirements, providing best practice recommendations, and implementing.
  • Business Process teams in assisting with troubleshooting issues involving system security.
  • Operations for compliance, security, and control requirements
  • Knowledge and understanding of business processes and translating business requirements into technical security specifications.
  • Assessing the security and IT control risk of the environment
  • Assessing the impact of security to other areas of the system (e.g. other modules, the production operations or development operations)
  • Recommending best solutions or alternative solutions based on risk.
  • Responsible for security role and profile configuration, user assignments and maintenance in SAP S/4HANA, Fiori, Hana Database, Ariba, SAP GRC; and other applications within the scope of our SAP landscape
  • Leads design, configuration and testing activities related to security roles, critical actions, segregation of duties (SOD), and related controls.
  • Provides user administration support in all SAP systems and landscapes, daily troubleshooting of user requests and account maintenance from a security configuration perspective.
  • Responsible for functional SAP GRC and SAP IAG interface, configuration and support of associated applications and developing future state procedures and governance for support and system administration.
  • Provide expertise and experiences on SAP security architecture and infrastructure security to support project rollouts, restructuring and best practices; lead efforts to define overall SAP security model for existing and future application
  • Provide training and support for GRC, policies and procedures, and security role design to users in business terminology.
  • Administration of SAP GRC configuration, SOD rule sets, workflows and approvers for user provisioning, emergency access and access recertification as well as support for upgrades, patching and testing of changes.
  • Participate in system design and business process workshops and discussions, with specific focus on security impact and requirements; conduct related testing that includes development and oversight of test plans for security components and SAP GRC.
  • Develop monitoring capabilities, automation and reporting to support key controls and compliance over privileged account access, direct data changes and infrastructure
  • Must be available on call 24x7x365 and able to quickly respond to problems affecting system security when needed, occasionally requiring work outside normal business hours (i.e. evenings, weekends, or early mornings).

 

Minimum Qualifications

  • Minimum of 5 (desired 8) years of hands-on SAP Security administration experience. Experience with SAP ERP S/4HANA, SAP GRC, SAP Fiori, Ariba and Hana Database
  • Experience with SAP Security concepts like: Roles, assignments, authorization object, critical actions, etc.
  • Experience with all modules in SAP GRC Access Control including ARM, EAM, SoD, UAR, BRM and GRC Process Control
  • Experience with Segregation of Duties management, GRC Rule Sets.
  • Knowledge of Sarbanes Oxley (SOX) regulations and Internal/External Audit reviews.

 

Preferred Qualifications

  • Knowledge of NIST-CSF security framework
  • Experience with Identity Access Management solutions and integrations with SAP GRC is desirable
  • Knowledge of and/or experience with SAP Basis Administration and ABAP programming are a plus.
  • Ability to understand and apply risk management principles to prioritization and decision making.
  • Bilingual – Spanish / English is a plus

 

Core Competencies

  • Customer Focus
  • Exceptional communication skills both written and verbal
  • Teamwork, collaboration ability to build relationships
  • Take initiative and focus on results in a fast-paced working environment
  • Self-motivated with the ability to prioritize, meet deadlines, and manage changing priorities
  • Detail oriented, analytical and very organized with ability to multitask
  • Strong problem-solving skills
  • Self-starter and ability to work independently or as part of a team