SAP Security Consultant
Apply NowJob details
Job: SAP Security Manager / Technical Lead Description: The SAP Security Manager / Technical Lead’s main responsibilities include ensuring the client's organizational goals in the SAP Security and GRC space are being met. We will expect any successful candidate to set out a roadmap and tasks / subtasks to achieve those goals, including creating a set of metrics to be agreed with the client with which to measure the performance of the SAP Security team, who will be a 3rd party SI. The candidate should ensure policies, procedures and standards are kept contemporary and executed as documented. To work with the client to highlight (as per the metrics) skills deficiencies and promote the correct level of expertise within the function. To assess future projects and help in the initial phases of blueprinting and high-level design and to develop and monitor progress against a roadmap. Location: Remote with occasional travel to two locations in the UK. Communications skills and capabilities to include: Presenting both face to face, via web conference, through email or via Presentation, Ability to take technical language and articulate issues, technical limitations and potential solutions in language non-technical audiences can understand. Manage and chair meetings within the SAP Security Team, the wider SAP Team, Financial Governance, Audit or more senior members of staff (potentially senior manager) Report to the SAP Technical Lead on performance of SAP Security Team against agreed metrics (see above) Work with the SAP Security Team to update policy, processes in line with business requirements Technical capabilities to include: Understanding of SAP Security and GRC technologies including: Understanding of technologies such as HANA S/4, HANA Cloud applications, Fiori UI5, cursory understanding of JSON and SOA. OData Services, Experience with OData protocol for enabling SAP backend data consumption in Fiori apps. Building and maintain Fiori Tiles, Groups and catalogues Understanding of SAP Fiori Authorisation concepts, roles, and profiles. Diagnosing technical errors efficiently and accurately. Remediation for all IT risk, governance, and segregation of duties related projects and ongoing maintenance in these efforts. Performing licensing audits using the License Administrators Workbench SAP GRC Access Controls v10.0, 12.0 implementation and/or upgrade experience. Experience in SAP GRC modules ARM, PC, EAM essential Interpretation of business requirements and translation into technical requirements Reviewing implementations /changes / builds for build quality. Industry expertise to include Working closely with the functional experts on-shore to propose / implement best practice methodology Working with Risk and Governance teams (as a key stakeholder) to ensure that they are involved and business requirements are considered and addressed in a timely fashion. Understanding of SOX, JSOX and ITIL Day to Day responsibilities Approve Security changes Carry out detailed / high level design Review SoD reports and take action Delegate work to the offshore / SI team Manage escalations Update roadmap Manage communications for stakeholders Report into management on progress Liaise with external / internal auditors to agree scope and schedule of audits Responsibility for finding resolutions to audit issues Liaise with Financial Governance and IT Assurance to identify and remediate risks Work with offshore team / SI lead to plan, schedule work Build reporting capability to report to management Manage partner relationship Review approve documentation / processes Experience: The occupant of this role should have at least 2 – 3 years of team management or senior team lead experience. Should come with strong references from an organisation of commensurate size / complexity. Must have deep SAP knowledge and understand standard ABAP Security concepts as well as BW, Analysis, Structural and Portal technologies. Some project management skills preferable; Prince 2 or Agile practitioner ISACA CISA, CISM, PAS 555 or ISO/IEC 27001 qualifications preferable as well as exposure to GDPR impacts. DevSecOps experience or awareness preferable Looking forward: Any successful candidate could look to potential career progression within our consultancy to head up other consulting teams, manage business development or development Teams.
Apply Now