Spectrum Brands utilizes a Shared Services model that enables resources to be leveraged across the organization. The Shared Services team is made up of information technology, human resources, indirect sourcing, finance & accounting professionals that support all business units. Shared services teams are headquartered in Middleton, Wisconsin but have members across the country.
The SAP Security Engineer is responsible for designing and implementing industry best practices for SAP Security architecture. The role performs duties, through a work team, to control and secure functionality of the SAP business control system. This position supports Spectrum Brands' global divisions.
Primary Duties & Responsibilities
Operational Deliver – 50%
- Manage the daily operational activities while working on projects.
- Prioritize and assign tasks associated to change management and incident management.
- Work collaboratively with cross function IT team members to ensure effective cross-project communication and issue management.
- Deploy, monitor, test and tune Security and Identity access management best practices within the SAP environment.
- Ownership of Cyber Security SAP audit controls, identity policy compliance, and/or operational efficiencies across identity environments.
- Accountable for helping Security support teams streamline daily monitoring and evaluation of effectiveness of operational duties.
- Contribute and support operational and project SAP and identity functions.
- Produce required reports and ensure existing policy and procedures are in place for SOX compliance.
- Collect business security requirements for managing and controlling authorizations to SAP data and network authorizations.
- Research, recommend and develop security and risk mitigation solutions.
- Ensures SAP accounts are disabled and cleaned up according to policy.
- Ensures auditing requirements are met for all security access.
Service Delivery – 20%
- Maintain and accept ownership of assigned security incident, communicating and documenting all activities performed in resolving incidents
- Creates SAP accounts assigning the appropriate approved access
- User maintenance in various systems managed by Information Technology
- Maintain SAP rulebook mitigating controls through partnership with the business.
- Updates documentation as changes are made to groups and roles in SAP.
Organizational Growth – 10%
- Work closely with Enterprise Architecture teams to develop security related technology standards.
- Understand the underlying technologies and applications utilized within area to direct the design, development, and implementation of technology requirements.
- Maintain a research regimen of emerging technologies, practices, and policies that might advance the capabilities, service qualities and security posture for the Company.
Education and Experience Profile
- Bachelor's degree in a related field or equivalent experience.
- Minimum of 5 years of relevant experience with a combination of functional technical experience with aspects of major enterprise business systems and related technologies.
- Hands on working knowledge of SAP IDM and/or other IAM solutions
- Advanced knowledge in GRC and/or other SAP system tool experience
- Experience in the working with outsourced security environments where delivery of most security capabilities provided by a third-party vendor.
- Researches and learns new skills related to information security systems and processes.
- Demonstrated experience establishing and maintaining effective working relationships with other business organizations and leadership; successful experience in working with diverse groups of people in a problem-solving environment.
- Experience with complex SAP troubleshooting, mitigation and resolution activities in a global organization.
- Demonstrated ability to regularly prepare project management material while keeping focus on budget and commitments.
- Experience in IT controls such as NIST, SOX, HIPPA, and SSAE 16.
- Experience with complex security troubleshooting, mitigation and resolution activities
- Ability to effectively communicate with others in security requirements and business needs.
- Excellent communications skills, both written and verbal, for an audience with a broad variety of technical skills and knowledge which ranges from novice to expert