SAP GRC and Cloud Security Specialist

Job Summary

The SAP GRC and Cloud Security Specialist will be responsible for maintaining the security features in SAP, GRC and Cloud based applications while maintaining the integrity of the SAP and Cloud Security Design and uphold the compliance and regulations setup in the application, database and infrastructure layer. This role provides quality support to our business user community throughout the lifecycle of ongoing projects. In addition, this individual will design, implement and maintain SAP and Cloud security policies, procedures, and configurations to protect sensitive access, data and comply with various regulatory requirements (e.g.GxP, JSOX, etc).  This role will conduct regular security audits and risk assessments such as Segregation of Duties and Critical Access risks to ensure compliance and mitigate security risks. This individual will design and manage SAP security roles, authorizations, and user access control to ensure appropriate segregation of duties and prevent unauthorized access. Lastly, this role will regularly monitor, develop, review and enforce security policies, standards, and procedures to ensure consistent and robust security practices.

Job Details/Responsibilities

Project Implementations & Improvements

• Provide solution and approach as per the Business Requirements.
• Contribute with the development of the SAP Security Strategy that is well-designed, practical, and appropriate to support multiple SAP products, projects, and user requirements.
• and independently deliver the security strategy for ongoing projects and deliver an SAP security strategy 
• Conduct gap analysis and assessments to bring up improvement in SAP and Cloud Solutions.
• Develop and implement SAP security protocols, including user access controls, roles, and authorizations. 
• Design and configure security in SAP S/4HANA, Fiori, SOLMAN, PO & GTS to meet the company’s security requirements.
• Work with SAP COE Leader, Project Team and Core Business Team for the successful design, configuration, unit testing, integration testing and user acceptance testing of the SAP S/4HANA. 
• Design and implement GRC Access Control.
• Assist project manager in security governance projects and manage daily security tasks.
• Collaborating with other IT teams, business stakeholders, and external vendors to integrate security into overall IT strategy and projects.
• Configure and check the SAP and GCP Cloud configuration for Audit log and the retention policy associated with it and made sure it is complaint as per our Company’s requirement.
• Manage and maintain GRC tool and applicable policies and procedures.
• Create and test the Security Test Scripts to achieve the sanity checks from Security Objects perspective in different SAP systems.
• Work with other Process Team(s) in development and execution of the cutover activities.
• Document the role design, security approach and road maps for new SAP and Cloud solutions.
• Implement automated ways of working using RPA and scripting to improve the turnaround time and quality of work.

Production support & Continuous Improvement

• Adhere to the company’s procedure (ITSM, CHARM, etc.) for user management and role management.
• Meet the SLAs for incident and enhancements.
• Respond to security incidents, investigating breaches, and implement and coordinate corrective actions.
• Troubleshoot issues across multiple SAP and Cloud products and peripheral software. 
• Collaborate with various process areas like RTR, OTC, LWM, STP, FTP, QBM, PM, Basis, DATA and Developer to provide a solution for their requirements.
• Develops value adds, automations and process improvements for the team’s efficiencies.
• Create and provide training and support to internal teams and users on SAP security best practices and procedures.
• Proactively monitor the SAP and Cloud applications for security breaches and anomalies. 
• Create and maintain quality documents for Standard operating procedures and work instructions

Job Responsibilities (continued)

Audits, Controls & Monitoring 

• With the understanding of the business processes, identify SOD risks and business impacts and work with appropriate parties to address issues and resolve the risk. 
• Perform security audits, monitoring system logs, and ensuring compliance with industry regulations and internal security policies.
• Ensure compliance with industry standards and regulatory requirements for SAP security. 
• Run regular SOD and BCA analysis at Business role & Business user level and mitigate the risks.
• Understand the IT controls and monitor it as per our Company’s Risk and Control Matrix.
• Work with the external and internal audit team to trigger the various controls and make sure that the controls are effective and up to date

Knowledge, Skills and Abilities (KSA)

• Strong knowledge of SAP products like S/4hana, HANA, Fiori, PO, SolMan, BODS, ASE etc.
• Extensive knowledge of SAP security concepts, including authorizations, roles, and data access control.
• Ability to lead critical issues involving SAP on GCP, Fiori with S/4hana and SAP HANA.
• Knowledge of GCP Cloud security tools and IAM (Identity and Access Management) and access controls. 
• Strong analytical and problem-solving skills to identify, diagnose, and resolve security issues.
• Knowledge of Cloud Security Principles and compliance frameworks.
• Familiar with JSOX and GXP compliance and regulations.
• Good understanding on SAP security fundamentals and authorization concepts 
• Ability to take ownership of work activities and take it to conclusion in a timely and efficient manner.
• Effective communication, both written and verbal, with technical and non-technical multi-functional teams spread across regions
• Willingness to learn new skills/techniques/processes.

Qualifications/ Background Experiences

• Bachelor’s degree in computer science or related field; or equivalent work experience.
• Minimum 7 years of relevant experience in SAP Security (including Fiori) with two (2) implementation projects in SAP required.
• Minimum 3 years of experience in SAP GRC (EAM, ARM, BRM, Ruleset, etc) required.
• One implementation in SAP on GCP highly preferred.
• Minimum 1 years of experience in Cloud Security preferred.
• SAP HANA Database Security experience preferred.  
• SAP Security, SAP GRC and GCP Cloud certifications are preferred.