SAP Security & Authorization Expert

Summary:
The SAP Security & Authorization Expert is crucial in managing identity management and user provisioning for SAP systems, ensuring compliance with various regulatory standards while optimizing security protocols.

Responsibilities:

• Manage SAP IDM solution for Identity management and user provisioning.

• Develop GRC rule sets (SOD), workflows, and approvers for user provisioning/de-provisioning.

• Conduct SoD analysis and remediation across SAP environments.

• Ensure compliance with regulatory requirements such as GDPR, SOX, and industry standards.

• Act as a Security subject matter specialist providing application support.

• Design and implement SAP Security and GRC solutions.

• Maintain and support SAP Security & GRC and SAP IDM modules.

• Be available on-call on a rotating schedule for major issues.

Must Haves:

• Bachelor's degree in Computer Science, Information Systems, Electrical Engineering, or related field.

• Extensive experience with SAP Security, SAP GRC (10.1 and 12), and SAP IDM Access Control.

• Hands-on experience with Segregation of Duties including SAP GRC rule set, MSMP, and BRF+ configuration.

• Strong understanding of SAP modules (e.g., FI/CO, MM, SD) and controls frameworks.

• Experience in maintaining GRC risk library, roles, and user administration.

Nice to Haves:

• Advanced degrees or professional certifications (e.g., CISA, CISM, CISSP).

• Good understanding of risk management in business processes.

• Strong interpersonal and communication skills.

• Leadership capability in a team environment.

Other Details:

• Location: Not specified

• Team Structure: Part of a larger enterprise system.

• Reporting Lines: Not explicitly mentioned.

• Tools: SAP Security, GRC, and IDM modules.

Reason (Must Have):

• Bachelor's degree: Essential for understanding technical concepts critical to security development tasks.

• Extensive experience with SAP Security and GRC: Vital for managing identity and risk effectively in SAP applications.

• Hands-on experience with SOD: Directly linked to responsibilities involving user provisioning and compliance.

• Understanding of SAP modules: Necessary for effective design and support of security measures.

Reason (Nice to Have):

• Professional certifications: Enhance the credibility and expertise in security best practices.

• Understanding of risk management: Useful for aligning security measures with business objectives.

• Strong communication skills: Important for explaining technical solutions to non-technical stakeholders.