ERP Security & Authorization's mission is to continuously monitor and improve the ERP security architecture posture while preventing, analyzing, and responding to ERP security incidents supported by technology-enabled and well-defined processes and procedures.

SAP Security & GRC Architect collaborates with key stakeholders to analyze ideas and demands for architectural fit and translates detailed business requirements provided by the solution owner into implementable solution including specific technical requirements.

 

At least 5-10 years of experience in SAP Security in Development/ Configuration/solutions evaluation/ Validation and deployment.Proven experience with SAP Security, Role Based Permission, SAP GRC Access Controls, and SAP ECC Security.Strong knowledge of ECC, HANA, BW and GRC modules.Ability to handle support issues and process GRC requests efficiently.Excellent analytical and reporting skills.Strong communication and teamwork abilities.Must have Hands on SAP Security expertise in SAP S4HANA, Fiori, HANA DB, ECC, BI/BW, BOBJ, SAC, CRM, HTR systems.Strong knowledge in S / 4 HANA Security design skills, Current knowledge of industry and security solution trends and ability to apply knowledge to existing security design.Good to have knowledge in handling Security User and role administration in HANA, BODS, Portal,,EWM , & Process Orchestration (PO) system.Experience in designing, building, and deploying HANA database security.Experience in GRC Access Control support.Experience in SoD analysis & remediation.Experience in Solman CHARM Transport processExperience in designing, building, testing, and deploying business and support roles with S/4 and Fiori roles.Good to have experience in large and complex projects with multiple rollouts for countries / regions.Ability to work with limited supervision and exhibit a solid sense of urgency.Ability to handle Severity 1 and major incidents and provide resolution within SLA.Understanding of internal Security controls, sensitive transactions analysis.Ability to solve complex Security issues through research and technical detective work.Excellent communication and interpersonal skills.

 Provides security and technical expertise to support the development of security objects to satisfy business requirements.Analyzes and administers security policies to control physical and virtual system access.Identifies and investigates security issues and develops security solutions that address compliance requirements that can/do impact security.Identifies, develops, and implements mechanisms to detect security incidents to enhance compliance and support of the security standards and procedures.Assesses business role requirements, reviews authorization roles, and supports authorizations.Demonstrates a comprehensive skill set with testing authorizations for multiple environments and coordinates testing with business/technical users.Validates system configurations to ensure the safety of information systems assets and protects information systems from intentional or inadvertent access or destruction.Implements best practice when applying knowledge of information systems security standards/practices (e.g. Access control and system hardening, system audit and log file monitoring, security policies, and incident handling).Determines strategy and protocol for network behavior, analysis techniques, and tool implementation.Identifies opportunities for streamlining and increasing effectiveness through continuous process improvement.Implements practices, processes, and procedures consistent with Nokia's information security policy and IT standards.Develops and documents security events and incident handling procedures into Playbooks.Ensures that incident documentation is comprehensive, accurate, and complete.Triages, prioritizes, investigates, and coordinates security events and incident handling activities.Creates and/or remediates GITC (General IT Controls) in support of meeting audit objectives for all SAP modules, and their supporting Databases, within the Nokia’s SAP landscape (i.e. Finance, Retail, Warehouse Management, Payroll, Oracle, HANA, etc.)Designs IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls.Assists with the creation of effective remediation solutions and/or exception documentation where applicable.Serves as the subject matter expert and point of contact to Internal and External Auditors.Assists project teams with creation and implementation of IT controls objectives and integration into SAP-GRC.Assists with the successful completion of the quarterly UAR (User Access Review) audit process.Collaborates with Internal Audit in developing, testing, and devising solutions to effectively meet applicable IT control objectives.