SAP S/4 Governance, Risk & Compliance Lead

Magic Leap   •  

Plantation, FL

Industry: Retail & Consumer Goods

  •  

11 - 15 years

Posted 60 days ago

This job is no longer available.

Magic Leap's Technology Solutions and Services (TSS) team is seeking a hands on SAP S/4 Governance, Risk & Compliance (GRC) Lead to provide strategic and tactical leadership for the design, build, implementation and maintenance of our SAP GRC platform.


Responsibilities:

  • Work with the Business users to design, develop and maintains Magic Leap's SAP user management and security architecture, including hands-on design and build across a complex SAP architecture, including but not limited to S/4 HANA, GRC, Fiori, Hybris Commerce, Hybris Billing and other SAP related cloud applications (SuccessFactors, Ariba, Concur, etc).
  • Develop and implement SAP security policies, processes, architecture, training, and communications. This function includes identifying and implementing security solutions and proactively remediating vulnerabilities with existing solutions.
  • Proactively analyze & understand the risks associated with application security exposures, provide solutions to eliminate/reduce exposure.
  • Monitor to ensure compliance with Magic Leap IT security standards and the SAP IT security framework.
  • Ensure adherence to government and corporate security guidelines including SOD, SOX, and other privacy related standards such as GDPR.
  • Responsible for working with the Enterprise Architects, solution architects and business process owners to translate business requirements into SAP security design.
  • Assist in periodic control activities such as regular review of user access, critical role review, and annual IT control testing support.
  • Administration of SAP GRC configuration, rule sets, workflows and approvers for user provisioning, emergency access and access recertification.
  • Develop and deliver documentation and training as needed to ensure proper system usage and understanding.
  • Design and deploy security reporting based on business requirements.
  • Performs Segregation of Duties analysis and manages the mitigation process; monitor production environments for security violations.
  • Perform system measurement for SAP licensing purposes and monthly metrics.
  • Oversee the compliance and audit requests including monthly internal reviews, quarterly IT self-testing, semi-annual internal audits and annual external audits.
  • Lead and oversee a team of Operations Support members to accomplish Security Support tasks.

Qualifications:

  • Must have 12+ years of overall IT experience, with 8+ years of SAP Security and GRC experience
  • Strong understanding of information security management principles, SAP application security implementation methodologies, and SAP user and role management tools
  • In-Depth understanding and implementation knowledge of SAP GRC Access Control and Process Control
  • Solid experience with SAP security across various applications including but not limited to S/4 HANA, Fiori, Hybris Commerce, Hybris Billing and other SAP cloud systems (SuccessFactors, Ariba, Concur, etc)
  • In-depth understanding of SAP Security roles and authorization concept
  • Solid understanding of SOX compliance laws, SOD conflict issues
  • Expert level knowledge of various Audit and Security controls
  • Ability to work effectively across a cross section of organization (Internal Audit, functional teams, business process leads ,etc.)
  • Completion of a full lifecycle SAP GRC Access control implementation
  • Must have good understanding of SAP process knowledge and SODs
  • Expert knowledge of business processes across Finance, Sales, Supply Chain, Human Resources
  • Information security and/or SAP GRC professional certification(s) preferred.

Education:

  • Bachelor's degree from four-year college or university with a minimum of 10 years of related post-graduate work experience.

Additional Information

  • All your information will be kept confidential according to Equal Employment Opportunities guidelines.