SAP GRC Sr. Analyst (GRC) #103435
SAP GRC Sr. Analyst
An SAP GRC Sr. Analyst is needed for a Direct-Hire position in Elkton, MD.
Responsibilities of the SAP GRC Sr. Analyst include:
- Initial setup of GRC and connections to S4HANA and Gateway
- Implement standard GRC access controls and help uncover SOD conflicts using standard rule set and mitigating controls and (SOD) risks and remediating identified violations
- Setup Firefighter access
- Customize rule sets. Implement remediation
- Experience with design and implementation of access request management (ARM) and workflow
- Experience with configuration of new roles within SAP GRC Business Role Management (BRM)
- Experience with system monitoring, background job administration, spool administration. Strong knowledge and experience with provisioning and SAP/SailPoint platform for automated provisioning and de-provisioning
- Firm understanding and experience with ABAP Roles, UME Roles, and Portal Roles/Groups
- SAP GRC Access Control (AC) Administrator activities for components ARA, EAM & ARM, perform support activities & rollout to other regions/systems
- Should be able to complete technical configuration of various modules in the SAP GRC environment like access workflow, risk analysis, emergency access management, etc
- Understanding of smart practices for SAP GRC with S4HANA, HANA database, and cloud applications
- Design and enhance the risk ruleset in SAP GRC Access Control (AC)
- Configure the continuous control monitoring in SAP GRC Process Control (PC)
- Customize ruleset & perform SOD & Sensitive access risk analysis and suggestions to Security team to build authorizations based on SOD standards and business requirements and Establish mitigations
- Create/Customize Business Rule Framework plus rules & Customize workflows as per business requirements
- Configure Fiori Apps for ARM approvals
- Troubleshoot issues in SAP GRC; apply and testing for SAP notes as required and other GRC related activities
- Review firefighter usage & suggest improvements
- Work with business teams to gather access requirements and then analyze for SOD conflicts within a global enterprise
- Should have good exposure and implementation experience in SAP Systems like S/4 HANA, Fiori, HANA DB, BI, BOBJ, etc.
- Responsibilities will include assessment, design and implementation of business process controls and/or SAP GRC 10.x or higher Process Control
Requirements of the SAP GRC Sr. Analyst:
- 4+ years’ experience in SAP projects with at least 2 full cycle implementations (minimum of 1 SAP GRC access control and process control implementation for version 10.x or higher)
- Strong exposure to implementation and IT controls on SAP GRC reporting and user access environments.
- Demonstrate a strong understanding of large-scale information technology systems; Experience with delivering enterprise-quality application security solutions. Demonstrated blend of strategic, execution, and operational success of leading application security in a global and high transaction environment
- Familiarity with the following concepts: Application logging/security reporting, Application vulnerability testing, code reviews
- Strong interpersonal communication skills with a proven track record of collaboration and influence across a diverse audience of business and technical team members.
- Demonstrated experience in the creation, adoption and execution of a strategic plan
- Ability to manage small teams that successfully execute large initiatives in addition to smaller ongoing support projects
- Vendor Relationship - Building strong relationships with a variety of third-party providers to deliver the tools and skills needed to fulfill the GRC strategy
- Commitment to customer service and be committed to pro-active review of processes and procedures to continually enhance service quality, service delivery and support
- Excellent interpersonal and organizational skills with ability to communicate effectively with both technical and non-technical customers.
- GRC 10.x or higher experience. Good understanding of SAP Basis Experience working with SAP GRC 10.x or higher
- Should have very good communication skills and able to gather requirements from customers for designing of SAP GRC application
- Basic knowledge of SOX and the implementation of ITGC controls in the Access Control environment
CSS Tec offers a range of IT professionals skilled in these roles: Salesforce Consulting/Administration, Project Managers, Scrum Masters, Cloud Architect, Developers (.NET & JAVA & Full Stack) Business Analysts, QAs, System Administrators, Network Engineers, Help Desk Agents, and Desktop Support Analysts. We specialize in Contract, Contract-to-Hire, Direct-Hire, and Project-based positions staffing nationally in the IT space. CSS helps organizations execute on key initiatives by delivering critical enterprise resources to complete projects, gain operational efficiencies, and drive customer success for our clients.
CSS works with our clients and candidates to communicate the opportunity being extended along with the experience required and approved by the client. In turn, the compensation is based on experience and the decision to extend an offer at a specific amount is determined by the hiring company, not CSS. We value the opportunity to represent you and are legally obligated does not and shall not discriminate on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status, in any of its activities or operations.