The analyst supports the SAP GRC Lead and manages adherence to the access controls and process controls framework for the team on a hub-by-hub basis.
- Work closely with the functional and technical teams as well as the business and off shore support teams to ensure critical actions are understood.
- Ensure that application security standards are well integrated into systems
- Monitor and maintain SAP application security policies, standards, guidelines, and procedures that are in alignment with the corporate strategic plan and supports the project team during the implementation
- Manage multiple requests/projects and escalate issues as they arise
- Responsible for implementation and integration of SAP GRC Access Control (AC) and other post go live sustainment tools
- Work with the business managers in refining risk and mitigating controls
- Support/educate business stakeholders on access risks and mitigating controls
- Understand compliance related issues as it relates to SAP business roles
- Analyse information across multiple groups, identifying risks & issues, and proposing sustainable solutions
- Monitor the SAP environments for applicable compliance, including but not limited to Segregation of Duties and sensitive transactions.
- Audit to detect deviations of established procedures, role mapping, unauthorised changes to the SAP security and report findings to management.
- 5+ years experience in SAP GRC
- Hands on experience with Firefighter, Access Request Management, Risk Analysis, Business Role Management
- 1 full project implementation completed with SAP GRC
- Experience with the entire SAP GRC suite specifically Access Controls and Process Controls
- SAP GRC Access Controls certification preferred
- Excellent understanding of SAP Security Administration
- Experienced and comfortable working culturally diverse outsourced on/offshore staff to project work and production support service delivery
- Solid understanding of key processes and methodologies user provisioning, role definitions, SOD analysis for SAP systems (ECC, SRM, BPC, etc)
- Experience in using a ticketing system, logging, updating, and closing tickets (and meeting SLA metrics)
- Strong business process and control background