Position Summary:
As a Staff InfoSec Risk and Compliance Analyst (SAP GRC Specialist) at Illumina, you will utilize your application security skills to plan and implement security measures on a variety of SAP systems including ECC, Solution Manager, GRC, APO, IBP, EWM, GTS and Fiori. You will be primarily responsible for assessing access impacts and ensuring these SAP systems are integrated with SAP's GRC platform to ensure proper segregations of duties are established not only within the applications themselves, but across multiple applications as well. Lastly, if SAP doesn’t supply an out of the box GRC ruleset, you’ll be asked to develop one by understanding the functions tied with the application and working with risk owners to define which functions should not be combined.
Additionally, you will project lead for quarterly, and weekly releases by attending project meetings to gather requirements, provide guidance for role builds, and any utilization of custom transaction codes.
Responsibilities
SAP Security Administration
Support Audit Activities (Internal, External, SOX and FDA)Support other SAP functions in implementing security measuresAssess access impacts, including but not limited to role definition, updates, provisioning, de-provisioning, and user maintenanceRuleset maintenance for new transactions, functions, risks, and mitigation controls using SAP GRCPerform GRC updates when new risks are identified via partnership with Internal AuditCoordinate support pack upgrades, and security note implementationImplement workflows to support SAP GRC processesImplement GRC FIORI applications to enhance customer experienceMaintain SAP vulnerability management programSAP Role/Group maintenance for SAP cloud products (IBP, Ariba)SAP Role creation/maintenance for S4/HANA productsImplement security designs based on industry’s best practice recommendationsPeople Leadership
For Bangaluru location, you will be team lead for reports under the GRC Application Security Team.
Ensure policies and procedures are followed by direct reports
Ensure attendance and work performance goals are achieved
Work with onshore leads for new or altering work assignments
Documentation
Policies, Work Instructions and Process Flows for business processConduct training to SAP Security stakeholders on best practices and risk assessment for new functionalityProject Support
Work with SAP Role/Risk owners to provide security solutions for new or existing functionalityPartner with functional teams to design and implement access controls for new functionalityRequirements
Minimum of 5 years Application Security experience (Application or Database Administration)Knowledge of access provisioning and de-provisioning, role administration, CUA implementation/support and licensing controls.Experience with implementation of SoX and FDA audit controls. Minimum of 4 audit cycles preferredSetting up GRC ruleset for an application where a default ruleset was not provided by SAP, including S/4HANA services and applications.Experience with security administration/risk management of SAP systems including but not limited to ECC, GRC, Solution Manager, Fiori, IBP, GTS, APO, EWM, HANA DB preferred.Education
Bachelor's Degree preferred
Illumina believes that everyone has the ability to make an impact, and we are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information.