SAP Security&Audit Remediation Consultant

07 Января

Партнерские Вакансии

Компания "iQ-SOLUTIONS"

Responsibilities:

• Remediate audit findings and close gaps in high-privileged access procedures and personal data exposure.
• Design and implement SAP security for ECC6, HCM, BW, BI/BO, GRC, and S/4HANA environments.
• Assess security vulnerabilities and gaps in access controls, roles, and authorizations.
• Lead the re-implementation of SAP Firefighter for emergency access and audit trail management.
• Ensure segregation of duties (SoD) compliance in Firefighter functionality.
• Configure and maintain SAP GRC systems, including SoD rules and access control policies.
• Automate user access provisioning and de-provisioning across SAP systems.
• Collaborate with teams to automate workflows for user access requests and approvals.
• Manage Central User Administration (CUA) for user identity management across SAP systems.
• Integrate CUA with identity management tools for seamless provisioning and de-provisioning.
• Design and maintain SAP roles and profiles aligned with security best practices and SoD compliance.
• Review and updаtеrole structures to minimize over-privileged access risks.
• Maintain SoD matrices and ensure appropriate controls to prevent conflicting access.
• Perform regular SoD analysis and remediation to ensure audit and regulatory compliance.
• Provide documentation and insights for SAP audit activities, including role and user access management.
• Monitor user access issues and resolve authorization problems in SAP systems.
• Proactively manage SAP GRC for security issues, patches, and updates.
• Create security and compliance reports, identifying risks and areas for improvement.
• Collaborate with internal IT teams and external consultants to align security solutions with business needs.
• Conduct training on SAP security best practices, role management, and GRC tools.
• Stay current with SAP security trends and recommend improvements.

Skills:

• Expertise in SAP security for ECC6, HCM, BW, BI/BO, GRC, and S/4HANA environments.
• Proficient in SAP GRC Access Control, including Firefighter design, SoD configuration, and automated access provisioning.
• Strong knowledge of role-based access control (RBAC), SAP roles, and profiles.
• Experience with Central User Administration (CUA) and identity management integration.
• Deep understanding of Segregation of Duties (SoD) principles and SoD conflict resolution.
• Ability to architect scalable SAP security solutions for S/4HANA and cloud environments.
• Hands-on troubleshooting of SAP security issues and authorization conflicts.
• Expertise in SAP security auditing and compliance reporting.
• Knowledge of SAP Fiori security, including user authentication and access control.

Experience:

• Extensive experience with SAP security for ECC6, HCM, BW, BI/BO, and GRC environments.
• Proven ability to remediate audit findings related to high-privileged access and data exposure.
• Expertise in re-implementing Firefighter functionality within SAP GRC for emergency access and auditing.
• Hands-on experience with automated user access provisioning and integrating workflows.
• Demonstrated experience in Central User Administration (CUA) across multiple SAP systems.
• Strong background in SoD analysis, maintaining SoD matrices, and ensuring compliance.
• Experience in architecting and implementing security solutions for SAP S/4HANA, BTP, and Fiori.
• Skilled in troubleshooting SAP security and authorization issues.
• Proficient in generating security audit reports and ensuring compliance with industry standards.

Qualifications:

• Bachelor's degree in Computer Science, IT, Cybersecurity, or a related field.
• SAP Security certifications (e.g., SAP Certified Technology Associate – SAP Security, SAP GRC).
• Industry-recognized certifications (e.g., CISSP, CISM, CISA).
• Knowledge of regulatory frameworks such as ISO 27001, NIST, and SOX.