The Information Security Analyst position is a hands-on SAP GRC role that would be responsible for maintaining Access Control module along with implementing continuous improvement initiatives, evaluating risks as it relates to SAP GRC. The analyst is preferred to have hand on experience in Process Control and Risk Management modules within  GRC. The analyst will also be responsible for executing SOX controls and ensuring that operational activites are in compliance with security standards and policies.  The analyst will also be required to participate in project-related activities while staying abreast with the latest solutions/ capabilities within SAP Security and GRC space.

Key Skills/Experience Required:

- Minimum of 4+ years’ experience in implementing SAP GRC, Security and Controls 
- Minimum of 2 full life cycle implementations 
- Broad understanding of Sarbanes Oxley compliance and COSO framework. 
- Familiarity with audit, business controls, and segregation of duties is a plus 
- General understanding of principles of risk and control processes and deep understanding of SAP GRC Access control concepts 
- Possess extensive knowledge about the SAP authorization concept and prior experience in security role design, GRC configuration and SOD mitigation 
- Knowledge of SAP ECC, BI, CRM, XI, HANA, GRC  
- Proficient knowledge in Microsoft office tools including MS Access