Job Title: SAP GRC/Security Consultant
Company: Turnkey Consulting
Location: United States (Considering candidates in any US location)
Job SummaryThe candidate will play a key role in handling client engagements, as well as utilizing strong technical experience to find solutions that best fit our clients' needs. We are looking for a team-player and strong all-rounder with at least 2 implementations and 2 years of practical experience in the following areas
- Detailed understanding of the SAP authorization concept in one or more of the following areas: ECC, SAP S/4 HANA, HCM, CRM, SRM, BW, BI, BPC, SAP HANA
- Experience of designing, building and implementing SAP security and authorization solutions
- Exposure to various system user interfaces (UI), including SAP but also other relevant SaaS products
- Detailed understanding of SAP GRC suite of applications, with a demonstrable specialism in core modules contained within (ideally v12 onward)
- Experience of IDM solutions, either SAP's IDM solution, or non-SAP, such as SailPoint or Saviynt would be of advantage.
- Experience of third-party solutions to secure SAP estates also an advantage
- Experience of SAP Fiori catalogs, groups, pages and spaces
- Experience of SAP IAG solutions would be an advantage, both IAS and IPS
Our experienced consultants are a key driver of our success as one of the most trusted names in the end-to-end security arena and we are committed to delivering to a consistently high standard. Key responsibilities of the role are:
- Task management of large / complex implementations, especially in Application security or enterprise risk/identity projects
- Implementation of GRC technology and supporting modules
- Work with clients to understand "why" they're in need of such solutions, define requirements and configure solutions to best fit those needs
- Perform controls and configuration reviews involving relevant application systems and processes
- Advise clients on controls in their enterprise systems relating to regulatory or legislative compliance
- Review and advise on security redesign and remediation projects
- Provide a broader range of information risk management solutions to clients as required
- Build relationships with new clients and maintain good relations with our existing client base
- Integrate solutions into wider cybersecurity controls estates
We are looking ideally for someone with the following attributes:- The ability to troubleshoot and diagnose problems / issues and provide prompt, robust resolution
- An enquiring mind to discover "why" clients need to introduce the controlling measures.
- The ability to manage projects within varied client engagements and lead reviews and implementations
- Knowledge of corporate business processes and their control points
- Good understanding of various IT regulations and standards, including: Sarbanes Oxley, COBIT, ISO series & the GDPR
- Bachelor's degree
- Professional certification (e.g. CISA, M.Inst.ISP, CISSP, ISO)
- SAP certification (Security, GRC)
- Consulting background
- Strong written and verbal communication skills
- Integration experience
- Ability to act as an SME to install, design, engineer and configure security solutions to meet client needs
- Ability to effectively manage own time and priorities effectively and to work both as part of a team and individually.
- Able to communicate technical and functional requirements to both the business and IT
Key responsibilities of the role will include:- Project manage large / complex SAP Security implementations, especially for S/4 HANA projects
- Implementation of GRC Access Controls and supporting modules
- Work with clients to understand requirements and configure solutions to best fit those needs
- Perform controls and configuration reviews involving SAP systems
- Advise clients on controls in SAP relating to regulatory or legislative compliance
- Review and advise on SAP security redesign and remediation projects
- Provide a broader range of information risk management solutions to clients as required
- Build relationships with new clients and maintain good relations with our existing client base
- Integrate solutions into wider cybersecurity controls estates