SAP Security Specialist

Supports the implementation and administration of systems and procedures to ensure the protection of information processed, stored or transmitted. Resolves routine issues regarding SAP GRC security systems. Collects and compiles historical data on system access and generates reports and analyses. Identifies, reports, and resolves security violations. Support and lead any SOX related controls from Access management. Continuously look for process improvement and liaise with Business and Functional team to deliver the service for organization

Key Job Responsibilities

1. SAP Security Operations

Provide day-to-day technical leadership for handling SAP ECC, BW, APO Security related requests
Deliver SAP Access request process for global teams
Manage Processes and Suppliers in Charge of application Security SAP access / HFM access
Ensure and maintain that security requirements in the services, technical infrastructure and ways of working
Lead and Manage GRC 10.1 (ARA, ARM, EAM, UAR) Configuration
Own any Roll-Outs and Upgrade projects independently
Serve as a key driver for the Garrett SAP Security
Drive Technology Refresh and implementation as desired

2. Audit Readiness

Accountable to deliver SOX Compliance activities related to ITGC controls
Implementing and reporting of internal controls based on SOX requirements
Support during security Audit and run GRC report for SOD people
Manages and executes high profile audits through to the senior management level
Able to manage the security exception process through Firefighter or other exception process

3. Supplier Management

Track security and compliance-related KPIs and metrics, and assist with reporting on those metrics to senior management;
Conduct periodic scans, SOD, Vulnerability assessment, code review for security breaches on the system to find exploitable weaknesses
Manage Processes and Suppliers in Charge of application Security SAP access / HFM access
Act as point of escalation for SOD / GRC Configuration related issues

Education / Qualifications

Bachelor s degree in Information Technology or related discipline Or in lieu of degree will consider 6 years of IT Security Experience for a global enterprise

Key Skills and Knowledge

Strong interpersonal and communication skills (written and oral) with ability to communicate at all organizational levels;
Track record of quickly and aggressively acting to resolve problems in the area of Application security / Crisis resolution;
Proven self-starter; able to take initiative to build organization capability and to deliver committed results;
Threat/ Vulnerability Assessment Management;
Incident Handling Analysis;
Risk analysis and mitigation;
Identity Access Management;
Governance, Compliance Audit