SAP GRC Security Analyst

As a SAP GRC Security Analyst specializing in cloud environments, you will be responsible for ensuring the security, compliance, and integrity of our SAP systems. You will collaborate with cross-functional teams to design, implement, and maintain security controls and policies, while also providing expertise in SAP security best practices.
Key Responsibilities:

• Design, implement, and maintain SAP security controls and configurations for cloud-based systems, including SAP S/4HANA, SAP SuccessFactors, SAP Ariba, and SAP Concur.
• Perform security assessments, risk analysis, and vulnerability assessments to identify and mitigate security risks and compliance gaps.
• Develop and maintain SAP GRC (Governance, Risk, and Compliance) access controls, roles, and authorizations to ensure least privilege access and segregation of duties.
• Monitor and analyze security logs, alerts, and events to detect and respond to security incidents and violations in a timely manner.
• Collaborate with internal and external auditors to support SAP GRC compliance audits and assessments.
• Provide guidance and support to internal stakeholders on SAP security-related matters, including user provisioning, access requests, and security policies.
• Stay updated on industry trends, emerging threats, and best practices in SAP security and cloud computing, and recommend enhancements to security controls and processes.

Qualifications:

• Bachelor’s degree in Computer Science, Information Systems, or related field.
• 7 years of experience in SAP security administration, with a focus on cloud-based SAP systems.
• Hands-on experience with SAP GRC Access Control, SAP Security Administration, and SAP Authorization concepts.
• Proficiency in cloud security principles, frameworks, and technologies, including AWS, Azure, or Google Cloud Platform.
• Strong understanding of regulatory compliance requirements, such as GDPR, SOX, HIPAA, and PCI-DSS.
• Excellent analytical skills, with the ability to assess complex security risks and develop effective mitigation strategies.
• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and stakeholders.

Preferred Qualifications:

• SAP GRC certification (e.g., SAP Certified Application Associate – SAP BusinessObjects Access Control 10.0)
• Experience with SAP GRC Process Control, SAP GRC Risk Management, or other SAP GRC modules.
• Knowledge of SAP Security-related tools and technologies, such as SAP Security Weaver, SAP Identity Management, or SAP Cloud Identity.