Job Details
The SAP GRC Engineer supports the values and business goals as they relate to legal, ethical, and regulatory obligations; protects privacy; and maintains a secure technology environment. SAP GRC Engineers develop and execute security controls, defenses, and countermeasures to intercept and prevent internal/external attacks, infiltration of company data, and compromising of systems and accounts. SAP GRC Engineers research attempted/successful efforts to compromise systems security; design countermeasures; implement and maintain physical, technical, and administrative security controls; and provide information to management regarding the negative impact to the business.
ROLE
- Provides GRC, security, and technical expertise to support the development of GRC objects to satisfy business requirements.
- Analyzes and administers GRC policies to control physical and virtual system access.
- Identifies and investigates GRC issues and develops solutions that address compliance requirements that can/do impact GRC and security.
- Identifies, develops, and implements mechanisms to detect incidents in order to enhance compliance and support of the standards and procedures.
- Assesses business role requirements, reviews authorization roles, and supports authorizations.
- Demonstrates a comprehensive skill set with testing authorizations for multiple environments and coordinates testing with business/technical users.
- Validates system configurations to ensure the safety of information systems assets and protects information systems from intentional or inadvertent access or destruction.
- Implements best practice when applying knowledge of information systems security standards/practices (e.g. access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
- Identifies GRC gaps that expose Costco to potential exploit and develops short- and long-term prioritized remediation to address those gaps.
REQUIRED
- Minimum of 12 years of experience with SAP GRC Access 10.0 and/or 12.0, with expertise using the following modules: Account Request Management (ARM), Access Risk Analysis (ARA), Emergency Access Management (EAM), User Access Review (UAR), Process Control (PC), SAP ETD.
- Minimum of 7 years of work experience in IT Risk Management, SOX compliance, and/or auditing with a strong background in IT controls.
- Minimum of 7 years of experience with SAP Security across various applications, including but not limited to, S/4 HANA, ECC, BW, MDG, Fiori, PI/PO, eWM, and Solution Manager.
- Minimum of 7 years of experience with SOD conflict resolution.
- Direct hands-on experience in IT audits and functional experience using SAP GRC.
- Understanding of SAP cloud security.
- Strong understanding of Sarbanes-Oxley (SOX) and other compliance requirements that may impact controls.
- Expertise in working with internal and external auditors.
- Experience developing SAP GRC solutions that address Sarbanes-Oxley requirements.
FTE with Fortune 100 company. Please apply. Will transfer H1 too.