Job Description

Job Description

SAP GRC Security Analyst

The Security Analyst position is a hands-on SAP GRC role that would be responsible for maintaining the Access Control module along with implementing continuous improvement initiatives, evaluating risks as it relates to SAP GRC. The analyst is preferred to have hand-on experience in Process Control and Risk Management modules within GRC.
The analyst will also be responsible for executing SOX controls and ensuring that operational activities are in compliance with security standards and policies. The analyst will also be required to participate in project-related activities while staying abreast with the latest solutions/ capabilities within SAP Security and GRC space.

The job responsibilities include:

* Configure and maintain GRC 12 access control workflows and configuration
* Ensure SAP GRC tickets are resolved in a timely manner and within SLA
* Maintain and document GRC configuration standards
* Monitor the GRC workflow and master data design to support Sarbanes-Oxley Compliance (SOX), including Segregation of Duties (SoD) and business/ technical sensitive transactions
* Maintain SAP GRC systems to follow the Security standards and policies
* Maintain Master data within GRC systems
* Assist during yearly GRC upgrades with the execution of test scripts, contributing to identifying new test cases
* Analyzing SOD risks in partnership with the Control Organization
* Manage Security and/or GRC requirements for Work intake Projects (estimates, cross-charges, requirements gathering, etc.)
* Execution of ITGC control testing on GRC systems
* Train end-users and IT teams on GRC processes and procedures
* Provide assistance during external and internal audits
* Participate and drive workshops and team discussions between SAP security and GRC teams
* Integrate security governance within the overall control environment and sustain activities with the impacted parties
* Interaction with audit, risk, and control personnel to explain and evaluate the structure and design of GRC processes
* Plan, communicate and coordinate key control (e.g., SOX) activities such as the quarterly related IT application control reporting

Qualifications/Requirements

Bachelor's Degree or equivalent experience
Experience:

* Minimum of 2+ years experience in implementing SAP GRC, Security and Controls
* Minimum of one full life cycle implementation
* Broad understanding of Sarbanes Oxley compliance framework. Familiarity with audit, business controls, and segregation of duties is a plus
* General understanding of principles of risk and control processes and deep understanding of SAP GRC Access control concepts
* Knowledge about the SAP authorization concept and prior experience in security role design, GRC configuration and SOD mitigation
* Good understanding of various role design concepts on SAP ECC, BI, CRM, XI, HANA, GRC systems
* Proficient knowledge in Microsoft office tools including MS Access
* Prior knowledge of ticketing tools and Change management process
* SAP certification preferred

Ability to travel upto 50% for various deployments within US

AF-Tech

Relocation Eligible: Not Eligible for Relocation
Job Type: Regular