SAP Security Senior Analyst - Hyderabad

The SAP Security Sr. Analyst will direct his efforts with SAP security skills providing SAP technical related skills to an International Corporation.

POSITION REQUIREMENTS:
  • User administration like creation of users, deletion of users, locking & unlocking of users, resetting passwords of users, users monitoring etc.
  • Role administration like Designing/redesigning various kinds of roles (Derived Role, Composite Role and Single Role).
  • SAP GRC KNOWLEDGE.
  • Analysis of SU53 logs and ST01 Trace logs.
  • Experience with ECC version 6.0 will be highly regarded
  • Business Knowledge in the areas of SD/MM/FICO/PLM/PP/QM/BI
  • Restricting users by user group as per business requirement
  • Used SUIM to find out the Roles with required Authorization object or with required Authorization values.
  • Adding the standard and customized t-codes into the roles.
  • Worked on ticketing tool to resolve the issues & problems.
  • Meet established priorities and schedules
  • To prepare and provide matrix to SAP Support and Implementation/Rollouts
  • Manage communication between the onsite configuration resources and the global delivery centre(s)
  • Should be well aware of the ASAP methodology for implementation projects.
  • Assist in preparing the detailed development plan with deliverables during rollouts
  • Responsible for Go-Live activities on time, in scope, and within budget for Projects undertaken
  • Assist in all necessary project phases for SAP implementations, enhancements and support activities including functional requirements gathering, and fit/gap analysis
  • Coach junior staff and provide input/assistance based on related domain experience and expertise
  • Support team objectives and activities as well as personal job-related skill development and career-growth
  • Good communication skills
  • Experience in Implementation /roll out /support related Security tasks
  • Experience in Authorization Design and implementation, Security experience the Netweaver products (BI/XI/EP/CE)
  • Experience in upgrade related tasks (preferred)to identify areas of IT risk in the client environment and opportunities to help them to improve information security, and business processes
  • Segregation of Duties (SOD) reviews using SAP GRC and remediation Job profile includes: Analyzing SOD violations through SAP GRCs Access Control (AC) module. Highlight and discuss violations with role owners / business users for remediation Identify and assign mitigating controls to violations that cannot be remediated
  • Carry out ruleset changes to incorporate custom T-Codes
  • Business analysis Report findings and make recommendations for the correction of noted violations and improvements in operations as per industry standards and best practices.
  • SOX Understanding
  • Continuously improve and roll-out security compliance monitoring solution(s) within SAP
  • Actively collaborate with and support SAP's IT and Cloud-operating organizations to drive security improvements in the area of security compliance monitoring
  • Validate SAP’s Cloud & IT projects, landscapes and solutions by actively managing and conducting automated IT security compliance verifications
  • Manage and drive the creation of mitigation plans and follow up their implementation.
  • Define, manage & derive IT security requirements
  • Manage & conduct internal and external IT security audits / penetration tests and ensure effectiveness of such reviews.
  • Identify risks and approve risks for monitoring under GRC.
  • Working experience on Design alternative controls for mitigating risks.
  • Should have knowledge of Access and risk analysis.
  • Maintain workflow configuration & Design and maintain rules to identify risk conditions.
  • Maintain the technical integrity of the roles for business/Job purpose.· Should have understanding of user administration & role management
  • Trace analysis & troubleshooting authorization issues Education Required:
  • Requirements
  • 7+ yrs. experience in SAP Basis Security
  • Experience in GRC 10.0 components or 5.3
  • Experience in Authorization Design and implementation, Security experience the Netweaver products (BI/XI/EP/CE)
  • Excellent technical understanding of security strategies, technologies and risk concepts
  • Must have worked on the following areas:
  • User management
  • Role management
  • Reporting
  • Basis controls testing
  • User access reviews
  • GRC Firefighter ID setup
  • Locking and unlocking of transactions
  • Submit security transports to PROD
  • Send security transports list
  • Strong communication skills
  • Atleast 3 Full End to End Implementation/Rollouts experience and one Support project experience
  • Bachelors / Masters Degree
  • Willingness to travel abroad for sustained durations