SAP Security Sr. Analyst

Overview
This role will lead and in cases support the execution of day-to-day
activities for SAP GRC deliverables for the PGT Global and individual PGT
projects. This role requires close collaboration with SAP Security project
lead and Global SAP GRC Manager to determine priorities of work intake around
access provisioning and recertification and ensure that requirements are
reviewed, solutions developed and implemented according to the project
timelines. The role will also closely work with the PMO, SAP Security, myidM,
portal, Global GRC, design authority, technical and control teams to design
solutions coming in through work intake processes and provide periodic updates
on activities.The scope of the role includes
* Being hands on in GRC system to develop solutions and workflows and well versed with configuration and BRF+
* Ensure SAP project work while in project phase are addressed in a timely manner; in sustain phase are addressed within SLA
* Serves as the liaison between Application Support, Security and GRC teams in understanding the requirements and building a solution
* Maintain SAP GRC systems to follow the Security standards and policies
* Execute the Quarterly SOX reporting
* Analyzing SOD risks in partnership with the Control Organization Creative thinker with ability to apply analytical skills to different issues
* Should be able to clearly communicate and articulate requirements with good presentations skills
* Be able to work with a geographically spread team
Responsibilities
* Management of SAP GRC workflows and master data in compliance with controls. Provide governance and technical assistance to IT teams, control teams and key business users. (Executing actions & Making decisions)
* Facilitate and execute GRC workflow and master data change activities including providing assistance/ guidance to functional/ technical teams
* Define and maintain GRC configuration standards
* Monitor the GRC workflow and master data design to support Sarbanes-Oxley Compliance (SOX), including Segregation of Duties (SoD) and business/ technical sensitive transactions
* Work with SAP Security and SAP Governance team to define GRC solutions and influence role build strategy in line with system capabilities
* Good to have GRC ‎12 experience
* Knowledge of SAP security authorization concept, as well as design and implementation methodology
* Demonstrates ability with SAP security transactions and SAP GRC
* Technical proficiency with security build and requirements analysis/definition across multiple SAP systems (e.g., ECC, BI/BW, CRM, SCM, Process Orchestration, Fiori, SAP HANA etc.)
* Multiple years of IT system support experience
* Understanding of internal controls, segregation of duties (SoD), sensitive transactions analysis, basic SAP development (e.g., ABAP integration points), SAP modules, SAP Transport Management System, SAP Web Application Server, NetWeaver, HANA)
Non- Technical Skills
* Analytical, motivated, and self-confident with communication to business users, IT partners, and managers
* Establish project deliverables and priorities working closely with PMO
* Ensures team success through organizational, functional, and team alignment towards team mission and objectives
* Proficient knowledge in Microsoft office tools including MS Access
* English proficiency required
Differentiators
* Product certification(s) in SAP Security Administration and or SAP GRC
* Information Security certifications such as CISA, CISM, CGEIT, CRISC
* Knowledge of COBIT, IT risk frameworks, and experience with ITIL processes
* Experience in an IT customer facing role; comfort and confidence interacting with various levels of users, including frontline management
* Ability to communicate solutions and impacts to customers and stakeholders
* Ability to excel in an aggressive, change oriented environment
* Ability to support weekend and off-hours activities
* Service oriented attitude
Work with Controls Governance and IT teams to ensure holistic approach is
taken to remediate Corporate Audit findings
* Manages the execution of SAP GRC reporting approach and adoption, including risk assessment processes, continuous monitoring, training and reporting (Providing consultation)
* Train users in IT processes and procedures; provide assistance during external and internal audits
* Participate and drive workshops and team discussions between SAP security and GRC teams
* Integrate security governance within overall control environment and sustain activities with the impacted parties
* Interaction with audit, risk, and control personnel to explain and evaluate the structure and design of GRC processes
* Plan, communicate and coordinate key control (e.g., SOX) activities such as the quarterly related IT application control reporting
* Reinforce correct SAP security and GRC procedures with project teams and third-party provider teams
* Provide recommendations on ways to simplify/ streamline existing processes and controls to gain productivity
* Ensures SOX controls compliance by executing SAP security sector procedures
* Reviews OSS Notes, security patches; implements and tests those patchesParticipates in security reviews
Manage internal/ external audit relationships to maintain a positive outlook
on the progression of SAP GRC processes (being informed)
Qualifications
* Bachelor 's/Master's Degree in Business, Information Systems, Computer Science (or equivalent) is required
* Minimum ‎10+ years of Total experience
* Minimum ‎5+ years SAP security and ‎4+ years of GRC experience
* Minimum of ‎2 full life cycle implementations
* Technical Skills
* Competent in GRC configurations, Access Controls, BRF+, Emergency Access Management, Converged solution for cloud