SAP Security & Authorizations Consultant

Our customer is one of the lead retail merchandising companies in US and Europe. The group is about to start using SAP GRC for a variety of functionalities and trying to further extend the SAP authorizations team with an experienced GRC person. Within a complex, continuously evolving and challenging environment, with a variety of different SAP systems & applications, GRC system will play a key role on identifying & mitigating risks. In other words - a challenging project that never gets boring, only bigger. 

The candidate will join a team of 3 long-term employees and industry professionals currently focused on SAP and HANA authorizations and will be responsible for the GRC environment. 

The goal of this function will be to run, maintain and further improve processes within the GRC system. The system will be used by 4 operating companies for the full IT & business population. 

Responsibilities:

• Design and implement roles and authorizations in the SAP systems of our  organization. 

• Ensure that all role modifications are done in accordance with the SODs & risks  defined in GRC ruleset and provide risk & SOD free role concept.  

• Respond and mitigate audit findings regarding security. 

• Analyze & resolve issues reported by different monitoring tools (EWA, Security  Bridge etc.). 

• Provide support regarding the authorizations of the applications delivered in  production (level 3 support). 

• Participate on building process of Change management and Life cycle management  policies and procedures of AD Group. 

• Participate in the definition of standards & naming conventions for role design.  - Follow the Change management and Life cycle management policies and procedures  of AD Group. 

• Coach team members and support / help them in an appropriate way. 

• Control strictly the roles implementation and deliverables to have high quality.  - Conduct user management related activities. 

• Participate in cutover activities.

Requirements: 

Must have:

• SAP Senior Security Consultant, with a minimum of 8 (8+) years of experience in  analysis and design of roles & authorizations for SAP Implementation & Support  Projects. 

• Deep exposure in role design principles – ability to design task-based roles to  support business & IT population. 

• Excellent analytical skills – Ability to identify risks in existing roles, evaluate impact  and propose technical solutions to mitigate risks. 

• Excellent knowledge of authorizations in ABAP based systems (S/4, F&R, Retail,  BW, HR, Success Factors, SLT, CAR, SRM, Gateway). 

• Excellent knowledge of FIORI related authorizations (catalog, groups etc.) - Excellent knowledge and understanding of SODs, critical & sensitive access  principles. 

• Deep experience of central user management and user management in general. - Experience in a retail environment will be considered a plus.

Nice to have: 

• Knowledge of HANA roles & authorizations design & management.  

• Knowledge of user management activities in other platforms (HANA, PO, Portal etc.). - Knowledge of SAP GRC (Ruleset, SODs, EAM etc.) 

• Knowledge of authorizations in SAP process orchestration (SAP PO). 

• Knowledge of authorizations concept & role design/build in newer applications like  SAP BTP, SAP MDG etc. will be considered as a plus. 

• Experience working with CSI Role Build Manage (RBM) tool will be considered a plus.  - Exposure to ABAP so to be able to identify/analyze authorization relevant issues.