|Job Details / Détails du poste
Are you interested in this opportunity? Click on Apply and your application will be submitted. If you know of someone else who might be interested, send this opportunity to a friend.
Apply Now! / Postuler maintenantTell A Friend / Envoyez cette offre d’emploi à un
|City / Ville
|Title / Titre
||▲ SAP Security Analyst
||SAP Controls Specialist
The individual will be responsible for identifying, documenting and validating business process controls, IT general controls, interface and data conversion controls.
The individual will be responsible for determining the appropriate control strategies and solutions for business processes, security and data integrity supported by the SAP implementation.
The role of the SAP Controls Specialist represents managing a balance between SAP security, SAP configurable controls, and manual/management controls.
As such, this project team member should have strong understanding of process controls as they relate to:
• The effectiveness and efficiency of a company's operation
• Mitigating risks for related processes
• The analysis and management of segregation of duties within SAP; and
• Compliance with applicable laws and regulations
This is a 12 month contract
||Responsibilities include but not limited to:
• Communicate business process, security, infrastructure and data integrity strategies and solutions across multiple departments and process teams within the organization and project;
• Facilitate the process for designing and implementing business process, security, infrastructure and data integrity controls;
• Coordinate training and knowledge transfer of business process controls concept to team members;
• Oversee, manage, review and guide business process, security, infrastructure and data integrity work streams and related deliverables and work products; and
• Analyzing, monitoring and remediation Segregation of Duties violations by using SAP GRC Access Control tool.
||• Strong understanding of business process, risk and control best practices including both operational and system control procedures;
• Strong understanding of SAP and the SAP business Process Methodology;
• Experience leading risk management and controls teams on large ERP implementations;
• Strong interpersonal skills, including the ability to bring stakeholders to consensus;
• Can implement function-wide processes/tools; in-depth knowledge of a risk assessment model/analysis tools/processes; identify key benefits/drawbacks/rationale/benchmarks/model pros/cons; knows cross-function processes/tools/audit
• Has key stakeholders participate early in project life cycle; recognizes/challenges weak value propositions/business cases; applies "lethal issues" questions to improve performance/reduce risk; identify/mitigate risk to manage ROI
• Understands that customer perspective is key definer of value & upfront planning is critical & then deliver on value promised to customers; aware of "lethal issues" questions that can be asked to reduce project risk
• Certified Information Systems Security Professional (CISSP)
• CISA Certification
• ITIL Foundations
• Experience working with Information Technology in the Oil & Gas industry
• 4-6 years of business Process Design experience
• 4-6 years of experience in developing & documenting security architecture & plans
• 4-6 years of experience with security processes & procedures & supporting service-level agreements (SLAs) to ensure that security controls are managed & maintained
• 4-6 years of in-depth knowledge & understanding of information risk concepts & principles
• 4-6 years of proficiency in performing risk, business impact, control & vulnerability assessments
• Experience as a leader implementing tools, technologies, security strategies into a large corporate business environment
• Experience with common information security management frameworks, such as International Standards Organization (ISO) 17799/27001, the IT Infrastructure Library (ITIL) and Control Objectives for Information & Related Technology (CobiT) frameworks
• Ability to interact with personnel at all levels & across all business units/organizations & understand business imperatives
• Exceptional interpersonal skills in areas such as team work, facilitation & negotiation
• At least 3 years developing SAP role-based security.
• 4-6 years of compliance
• Sarbanes-Oxley Act (SOX)
• Strong Understanding of SAP Security Controls and Best Practices.
• Knowledge of SAP and the SAP Business Process Methodology.
• Analyzing, monitoring and remediation Segragation of Duties by using SAP GRC Access Control tool.