Risk & Security Analyst
Position Purpose & Summary
The SAP Security Specialist collaborates with multiple SAP project resources, businesses, IT teams, Partners and TGRC teams to provide SAP security technical designs that leverage security strategies, policies, and procedures for assigned projects. This is a mid-level role with broad awareness of SAP Secure Operations Framework components and expert level knowledge of SAP User and Authorization concepts. The Specialist leverages requirements that have been defined by Security Architects to ensure that security designs are supportive of those requirements and implemented appropriately. SAP Security Specialists empower Security Partners to configure and implement security configurations to meet design requirements and ensure that projects are rolled into SAP security operational processes.
Lead SAP Projects which have been assigned 30%
- Provide SAP Security oversight to assigned projects; primary point of contact for TGRC SAP (post hand-off by SAP Security Architect) on the project that drives security activities and provides guidance to project team members on security topics and processes
- Complete Security Technical Design Specifications (TDS) for components of SAP projects as identified during SAP Security Assessment, including but not limited to:
- Client Settings
- Integrations – ERPM, SailPoint, GRC, Flexnet, Onapsis, MS Azure SSO, Live Compare, etc.
- SAP Role Design (transactions, apps, privileges, authorizations, permissions)
- SailPoint IIQ Business Role Design
- Custom Development
- Table Access
- Authorization Objects
- Fire Fighter
- Communications (RFCs, ICF, UCON, SSL, SNC, etc.)
- Security Test Management
- Transactions & Fiori Applications
- Data Masking
- Data Scrambling
- Collaborate with various project team members (TGRC, Functional/RDC/DBT, Development, Basis, BI, Middleware, Business, etc.) to ensure that appropriate security controls are designed to meet both business and TGRC requirements; leverage security strategies
- Vet Solution & Functional Designs and incorporate into Security TDS as appropriate
- Hold Security workstream project meetings; provide status updates to Project Managers
- Request and analyze Onapsis security scans against project systems; drive remediation of security gaps that are identified as result of the project; provide gate approval for the Security workstream
- Perform Security Unit Testing in SAP Development systems to confirm security designs have been configured appropriately prior to System Integration Test (SIT) or other test phases thereafter
- Provide Security Cutover Plan to Cutover Lead
- Document bulk load deliverables for security roles and users and coordinate with CCE, Security Partners & TGRC IDM Team
- Perform project validations of security configurations in SAP production systems
- Maintain TGRC SAP Trackers with appropriate values introduced as part of a project (Org Tracker, Process Role Tracker, etc.)
- Escalate project scope changes with architecture impact to Security Architects
- Raise security exceptions or findings to TGRC Vulnerability Analyst and/or Sec Arch assigned to the project
- Hold Security Knowledge Transition meetings with TGRC and Security Partners
- Project Deliverables: Vulnerability Scan, Security TDS, Custom Transaction Code Requirements, Fiori App Requirements, Security Unit Test, Bulk Role Upload, Bulk User Upload, Project Review, Security Validation
Lead Security Roadmap Initiatives (Small Works) 20%
- Lead assigned Roadmap initiatives
- Identify tasks to complete roadmap initiatives
- Coordinate resources, changes (system, documentation, etc.) to support delivery of the roadmap work
SAP Security Roadmap Initiative / Signature Project Resource 10%
- Fulfill project-based responsibilities as assigned by the project that may include: system analysis, POC configuration, coordination of tasks and Partner activity, development of reports, and preparation of documentation.
SAP Security Governance 10%
- Provide vetting and approval for changes to security that can introduce risk to the SAP landscape resulting from change requests, projects, upgrades, operations, enhancements, incidents, etc. as identified in the change catalog.
- Provide vetting and design requirements for RPA BOT enablement requests
On-Call SAP Security Resource 10%
- Participate in on-call rotation for security incidents and escalations during traditional non-working hours
Audit Resource 10%
- Respond to Audit inquiries as assigned. Provide explanations, evidence as needed.
Operational Security Resource 10%
- Operational responsibilities that are assigned by the SAP Security Program Lead that are supportive of TGRC SAP steady state
Education, Experience, Skills
- Bachelor’sdegree in Information Systems,Computer Science or any other discipline
- Total SAP Security & Basis experience 8+ years
- BA/MA degree in Computer Science, Information Systems, Information Technology, or another related field
- Strong knowledge with SAP ABAP, HANA, Java and Cloud systems security
- Strong knowledge working with SAP GRC
- At least 3 full implementation cycles fulfilling core SAP Securities activities (architect, design, deploy, verify)
- Experience of support partner collaboration & governance
- Experience with interacting and managing effective communications with IT leadership.
- Strong written and verbal communication skills.
- Ability to work in a team environment.
- Ability to create and work with large and highly-complex security concepts and structures
- Strong Knowledge on audit controls and SOD
Linkedin Job Matcher
Find where you fit in at Cargill. Log in to connect your LinkedIn profile and we’ll use your skills and experience to search the jobs that might be right for you.
Discover how you can achieve your higher purpose with a career at Cargill.