Position : SAP Basis/Security Consultant (Multiple Openings)
Duties : Facilitating and leading workshops with business representatives; translating complex security concepts, functionality, and limitations in business language; and providing insight on compliance impacts of security design restrictions. Exhibit expertise in SAP T-codes, object level restrictions, and their impact on functionality, compliance and privacy implications. Comprehensive SAP Security experience in various SAP modules including BPC, BI, ECC and SRM Purchasing. Designing and managing security for midsized to large organizations, including those with shared services. Performing security testing –including unit testing, integration testing, business role designing, security troubleshooting, and post implementation security roles/business roles re-design. Performing SOX audit and providing GRC support to auditors and exposure to monitoring compliance. Working with security team to analyze/troubleshoot GRC workflow/security issues. Performing segregation of duties testing (new role user mapping) on SPA application security roles /users and explaining business risks and recommended solutions. Interacting with various business stakeholders and recommend SOD remediation solutions in business language to support the business. Maintaining mitigation controls library and mitigated users in GRC. Obtaining data for GRC Reports from standard reports as well piecing together multiple reports from different sources in order to provide data for operational, strategic reporting or audit support.
Location : Multiple, undetermined worksites throughout the U.S.
Education: Bachelor – Computer Science, Computer Engineering, Electrical/Electronic Engineering, or a related field of study; will accept equivalent foreign degree; Experience: Five (5) years in the position above, as a SAP Basis Consultant, System Engineer, or in a related SAP security role;
Experience must include:
- Designing and implementing security for multiple SAP environments/modules, including ECC 6.0, BOBJ, BI, Solman, NW 7.4, BPC, SRM and Purchasing.
- Configuration and setup of GRC access control components, including ARA, ARM, EAM and BRM through SPRO, and NWBC.
- Upgrading systems from GRC 5.3 to GRC 10.0, including post-upgrade steps, assessments of authorizations, and redesign.
- Performing SOX audits and providing GRC support to auditors, including monitoring compliance.
- Maintaining mitigation controls library and mitigated users in GRC.
- Using the SUIM reporting tool for analyzing users, roles, profiles, and change documents.