As SAP Senior Security Specialist, you will act as the subject matter expert within corporate functions for security risk management and related activities, as well as for all security matters.
Responsibilities include but are not limited to:
- Overseeing security risks, targeted security risks assessments, and other security project reviews as identified across all aspects of SAP Global Security
- Understanding applicable regulations, guidelines, and industry best practices
- Contributing to the execution of SAP’s standards specific set by enterprise governance and SAP Global Security policies and procedures
- Performing periodic security risk assessments and conducting related ongoing compliance monitoring activities
- Reviewing security exceptions for the specific corporate function and reinforcing the identification of security risks
- Conducting security risk assessments and advising the corporate leadership on risk reduction proposals with cost justification
- Monitoring and enhancing the risk mitigation strategies and plans to help bring open security risks to closure
- Working independently as well as with internal and external business partners for any third-party assessments on security functions
- Developing and monitoring security risk metrics and providing periodic updates to the executive management on security risk and compliance efforts
- Providing leadership, mentoring, and training to security personnel and other SAP stakeholders
- Demonstrating proven expertise and success managing simultaneous project work streams in system security, cybersecurity controls, or information security management environment, specifically in NIST domain
- Assist in the determination of requirements, design, build, and testing of authorization profiles for SAP systems.
- Provide knowledge transfer to departmental personnel on an ongoing basis
- Keeping up with SAP technology platforms such as ETD, etc. and be able to articulate to clients
- Security industry trends and how to apply them on SAP, such as UI masking, logging, anonymization, etc
Profile:
- Minimum of 5 years of managing IT initiatives/project management required. Minimum of 5 years of information security, audit, risk management, compliance, or risk consulting-related experience preferred
- Experience using Governance, Risk, and Compliance (GRC) tools
- Security certification, e.g., CISSP, CISM – SAP Certified Technology Associate – SAP System Security and Authorizations preferred.
- Experience with information security compliance audit frameworks and requirements, e.g., NIST, SOX, PCI, GDPR and Data Privacy
- Proven experience working in multi-functional and multi-cultural teams
- Ability to demonstrate analytical expertise, close attention to detail, excellent conflict resolution and negotiation skills, logic, and solution orientation
- Learn and adapt quickly with a thinking out-of-the-box mindset
- Excellent written and oral communication skills
- Ability to learn and operate in a dynamic and agile environment
- Proactive, self-managed, and able to interface well with sponsor personnel and inter-disciplinary teams across an organization
- A good understanding of LINUX/UNIX, ORACLE, WINDOWS, and HANA DB
- Knowledge in how to have a secure pipeline from user or system to/from SAP systems such as SNC, cryptographic libraries impact on password encryption, TLS for browsers, security for mobile apps, etc
- Minimum of 5 years experience in SAP Security (BW Analysis authorization, BOBJ, HANA, FIORI, GRC, Structure authorization, SAP Portal.
- SAP Security experience must include experience in the following areas:
- Analyzing, developing, and designing Roles and Authorizations in support of new users
- Creating and supporting User IDs and test IDs in the systems
- Documentation of the roles
- Creating roles in the system and a log of the role changes for end users
- Modifying existing roles and authorizations to fix defects in the process
- Updating documentation
- Creating monthly progress reports
Build your career with us
It is an extraordinary time to be in business. As digital transformation continues to accelerate, EVOLVIC is at the center of this change, supporting our clients’ digital journeys and offering our professionals exciting career opportunities.
Be part of building one of Montreal’s fast-growing independent technology and business services firms.
Learn more about EVOLVIC at www.evolvic.com.
EVOLVIC is an equal opportunity employer.