SAP Senior Analyst Security

Posted 12 January 2022
Salary £45000.00 - £50000 per annum
LocationBradford
Job type Permanent
ReferenceBBBH127606_1642017590
Contact NameJoe Redwood

Job description


SAP Senior Analyst - Security
Bradford
£45,000 Maybe more for the right candidate



Purpose of the role:

The role is required to provide additional SAP security skills to the SAP function.

The successful candidate will work collaboratively with the SAP Security Manager, to complete/further develop the SAP Security landscape at In addition they will support the technical role build of SAP roles, across all SAP platforms based on the new business process design, preventing unauthorised access, disclosure of sensitive information or disruption to service.

The role will also perform SAP security administration on the landscape, providing priority support to the functional design teams through design, build, test and release phases.

The candidate will work with the SAP Security Architect to build stronger relationships with key stakeholders such as the wider SAP Team and internal audit.

The role holder's work will be quality assured by the SAP Security Manager, to provide support, mentorship and guidance provided where required.

S/4HANA is the core technology of the solution, however the landscape includes several other SAP technology platforms such as HANA, SAP Mobile, SAP PO and more. The SAP security solution will consist of the design and implementation of the SAP Security strategy, Security Role Provisioning solutions (SAP GRC and IDM), supporting the tracking of SAP Access and Process Risks and Controls and Business Process Controls and Security Analytics.

This work will ensure the SAP system design and build is aligned to strategic, legal and regulatory requirements from a security and GRC perspective.

Key accountabilities:
Support the Design and Build of SAP Security and GRC solutions.
* Implement the agreed strategy for SAP security based on enterprise security requirements.
* Understand the documented business requirements for the following SAP GRC modules

  • Access Request Management (ARM)
  • Access Risk Analysis (ARA)
  • Emergency Access Management (EAM)


* Ensure compliance with Segregation of Duty (SoD) and Sensitive Access Rules in ARA
* Ensure Risk and Access Controls compliance throughout the SAP role build for the SAP landscape
* Work closely with the SAP Security & GRC Architect
* Support User Provisioning & User Access Review workflows in ARM
* Support the maintenance and support of SAP Security & GRC modules
* Provide technical support for the implementation of SAP-based technology like Centralized User Administration, Identity Management (IdM), Single Sign-On, and SAP GRC.
* Ensure compliance with audit requirements
* Share SAP Security knowledge and best practice where possible with the wider SAP Team
* Ensure compliance and privacy standards are met for the Compliance & Security related reporting requirements.
* Seek opportunities to develop and maintain knowledge of the new business processes
* Support security and continuity assessments
* Enforce security policies and procedures by performing periodic reviews of security reports for the business.

Knowladge and Skills Required
Essential:

  • Build of SAP technical and functional roles based on design output
  • SAP Security & GRC best practices
  • SAP Security Basics, SAP Authorization Concept, Roles/Activity Groups, and User Administration
  • Authorisations module of SAP GRC including;
  • Access Request Management (ARM)
  • Access Risk Analysis (ARA)
  • Emergency Access Management (EAM) Configure Segregation of Duty (SoD) and Sensitive Access Rules in ARA
  • SAP Identity Management (SAP IDM)
  • An Understanding of information security management principles, SAP application security implementation methodology's, role based access controls, distributed systems administration, and distributed system recovery.
  • Implementing SAP security Users and Roles in support of requirements.
  • Core SAP security design, analysis, configuration, compliance, and implementation (multiple projects is a plus)
  • Experience with role based access controls, distributed systems administration, and distributed system recovery
  • Experience with security concepts and User/Role administration across several SAP products
  • Experience in managing SAP security in ECC 6.0 or S/4 HANA


Desirable:

  • Knowledge of SAP Public Cloud security integration and access risks (Success Factors, Ariba and IBP)
  • Experience of managing SAP HANA security
  • Security best practices for newer SAP Technologies, namely SAP Fiori, SAP Mobile Platform and Business Objects.