SAP GRC and Security Consultant (Looking For Immediate Joiners only)

JOB TITLE: SAP Security & GRC Engineer

JOB OVERVIEW: The SAP Security & GRC Engineer will be responsible for assisting and supporting SAP systems that support global SAP ERP (ECC and S/4 HANA) and global reporting departments. It includes the analysis and implementation of the security requirements for all SAP projects as well as day-to-day operational activities, support of SAP security requests globally.

ROLES AND RESPONSIBILITIES • Work as part of security team to help design and develop solutions to meet the business requirements in all the related functional areas such as MM, SD, FI, CO, QM, APO, SRM & EWM. • Assist and support the team in all phases of the project life cycle including analysis, design, development, testing, deployment and post-production support/maintenance for assigned projects. • Analyze security SOD risks while role development and work with business towards creating mitigation control/s • Good working knowledge of JIRA tool to work on Security assigned queue for both project & support tickets • Assist in enforcing day-to-day Security support policies and procedures by working with various business and IT stakeholders. • Understanding of Sarbanes-Oxley Risks/requirements for SAP controls (SOX) • Manage and mitigate Segregation of Duty conflicts with both users and roles with Business input using SAP GRC • Work with Internal and External Audit to make sure audit criteria are met • Demonstrate effective and collaborative communication with internal team members and functional team members • Provide analysis and documentation of security requests to ensure changes are documented and approved according to Callaway policies. • Works independently with end users and manages to obtain and verify approvals prior to implementing changes • Educate Junior team members. Support various project areas in an efficient way

TECHNICAL COMPETENCIES (Knowledge, Skills & Abilities) • Comprehensive knowledge of security administration processes and practices in SAP ECC, S/4, Fiori, EWM, GRC, BI, BOBJ, APO, SRM, SAC & IBP. • Knowledge of multiple business area processes such as sales, supply chain planning, purchasing and production, and finance to provide business area context to designed security solutions. • Analyze SAP Governance, Risk and Compliance across all business areas, with particular emphasis on Access Control • Ability to work with business and functional team to translate functional design requirements into complex technical specifications • Good ability with SAP ECC role design and S/4 Fiori catalogs, groups, debugging capability, authorization trace resolutions (Ex: Tile cannot be loaded) • Experience in applying security best practices for S/4 HANA Fiori & GRC Access Control 10.1/12, implementation & upgrades • Experience in GRC Process Control would be an added advantage • Solid understanding of role re-design concepts (including sensitive access, segregation of role/s based on internal review or auditors observations). • In-depth knowledge of thorough testing and validation practices and procedures for various go-Lives, system upgrades or patches and transition into live environments. • Excellent communication skills, both oral and written, including ability to produce professional documentation for standards, policies and procedures, and ability to articulate complex technical architectures to a non-technical audience. • Run and support SOD related (example- mitigation controls, EWA, Critical Access Review, etc) recurring reports at desired frequency. • Proficient with User Access Review (UAR) processes – working with business, to identify SOD risks (High/Critical), role removal, sensitive access analysis and create new role/s as needed. • Work with SOX & Compliance team to address SOX and ITGC controls audit queries from external auditors.

EDUCATION AND EXPERIENCE • At least a Bachelors degree in computer science or related field. • Minimum 4-9 years of experience in SAP Security which includes at least 4 years of GRC experienc