The SAP
Application Security and GRC Consultant will execute professional service
offerings that will include application testing services offering support and
execution. This individual is responsible for managing client relations,
executing assigned technical projects, delivering quality work deliverables in
an efficient and thorough manner. The SAP Application Security and GRC
Consultant must understand SAP Platform Security and compliance frameworks to
satisfy the clients’ needs and expectations.
Duties and
Responsibilities:
- Guide and perform security
activities, including risk assessments, intrusion and vulnerability testing,
code review, static and dynamic code testing
- Perform findings/vulnerabilities
analysis, document results, engage with high level personnel, discuss findings,
provide recommendations, explain testing techniques, and stay current on
weaknesses and vulnerabilities.
- Perform audits of roles and
authorizations, GRC, and Segregation of duties
- Execute engagements, either solo
or as a team lead, and produce quality deliverables that meet client business
objectives.
- Take a leadership and training
role for all new consultants joining the professional services group with a
focus on web applications.
- Assist with the development of
internally and publicly released tools
Requirements
Minimum
Qualifications/Experience:
- Experience with at
least two 2 full cycle implementations of SAP GRC projects that include SAP
systems ECC (FI/CO/FM, MM, SD, PS, PM), SRM, BW, PI, MDM, Portal, etc.
- Must be “current and
hands-on” in providing solid technical solutions and implementing true SSO for
SAP system(s).
- Hands-on experience
in setting up SAP Security, GRC, setting up Single Sign-On with AD Active
directory using SAML protocol.
- Ability to prepare Architectural/Technical/Process
flow documentation
- Strong understanding and practicing of SAP ASAP, Activate,
and Agile methodologies
- Minimum of 5 years of hands on SAP Security
technical experience predominantly in SAP GRC with Access control, Process
Control, Risk Management, etc.
- Experience with SAP IDM is preferred
- Hands-on experience in configuring/customizing/modifying
SAP GRC related functions
- Strong and solid understanding of SAP GRC
modules and have prior hands- on experience in creating Rule sets and BRP+
configuration.
- Minimum of 5 years of
hands on SAP Archiving and Archive Link experience predominantly in SAP ECC
(FI/CO, FM, GM, PS, MM), SRM, BW, PI, Portal, etc.
- Hands-on experience in
architecting/ configuring/ customizing/ SAP GRC and IDM solutions.
- Exceptional
communication and interpersonal skills
Minimum Education:
- Bachelor’s Degree – Preferred
Required Certifications:
- No required certifications.
- SAP, Agile, SAFe certifications
desired.
Other:
- Must be US Citizen
- Having an Active DoD Secret
clearance preferred or Ability to Obtain it
- Willingness to be on-site daily