Need SAP Consultant@Location – Issaquah WA
Sap Consultant
Mandatory Skills - Sap Security,Sap Hana,Sap Grc
Location – Issaquah WA
Client JD
The IS Governance, Risk & Compliance (GRC) Compliance position will be focused on all aspects of security risk management and data with a particular emphasis on PCI, HIPAA, PII (domestic & international), SOX, GDPR, and other industry or regulatory compliance that impact the Client's IS infrastructure.
The GRC Compliance consultant will work very closely with the IS Security and other IS leadership and management team members to build and maintain strong security, risk, and compliance program.
The role will be responsible to determine and establish the approach by which IS GRC will manage and govern risk and compliance. This includes creating, institutionalizing, and rolling out an Integrated Controls framework that addresses the multitude of regulatory requirements with internal stakeholders for reporting on progress versus objectives on a regular basis which includes the design, collation, review, analysis, distribution, and communication of the framework.
Tasks and responsibilities
Serves as a subject matter expert for governance and compliance frameworks for IS and business process regulations/compliance within IS Security GRC.
Stakeholders in the execution of risk management, information security, and data compliance corporate initiatives across all the business units globally.
Promotes and supports a culture of compliance, risk avoidance/mitigation, and corporate accountability throughout the organization.
Responsible for the development of required corrective action plans relating to data compliance issues.
Manages the business relationships with the internal and external auditors/assessors.
Researches and evaluates new compliance requirements and works with other stakeholders and owners to ensure they are incorporated into the security policy framework, standards, and procedures.
Defines and implements a risk-based approach to identifying, monitoring, measuring, and reporting various types of security risk and compliance issues in regard to financial reporting.
Identifies and prioritizes risk management, information security, and compliance risks and recommends mitigating controls.
Works with counterparts to ensure the development and communication of policies, procedures, and plans to internal stakeholders regarding security and risk management best practices and applicable laws and regulations.
Evaluates security and risk assessments of internal business units and external vendors and service providers.
Provides governance for the identification, validation, and remediation of information technology controls required by Sarbanes-Oxley, Payment Cardholder Information Data Security Standards (PCI DSS), Personally Identifiable Information (PII), HIPAA, and other regulatory compliance frameworks. Ensure successful audits of these compliance programs.
Must be able to translate PCI DSS best practices, GIS compliance recommendations, and international regulatory requirements to protect international technology assets (cardholder data (CHD) and all CHD assets including people access).
May support line of business PCI self-assessments, third-party QSA lead PCI Assessment as well as GIS lead PCI Assessments impacting the Domestic US and International regions.
Will assist in the analysis of PCI assessment findings, owner identification, remediation planning, and validation.
Will participate in lines of business and enterprise control functions PCI strategic planning.
Required skills, abilities, and certifications
Deep understanding of all aspects of risk management, data compliance, information security strategy, technologies, and tools.
Over 9 years of proven experience developing and executing global security risk management and compliance programs.
Should be very strong in SAP GRC 10.2 and ARA
Direct experience working with IT GRC tools (e.g., Archer, Remedy, Lockpath, etc.)
Experience with developing and producing security and compliance metrics that are meaningful and actionable for Sr. Management.
Demonstrated leadership skills with the ability to work effectively at executive levels.
Excellent conceptual and critical thinking skills and sound judgment, with strategic orientation and ability to perform tactically, as required.
Experience in providing technical expertise appropriate to knowledge of risk and cost-effective delivery of essential security services.
Proven experience developing and submitting audit and compliance reports to governing bodies, legal entities, and/or external authorities.
Solid understanding of assessing and designing internal controls in an enterprise-level environment.
Solid knowledge and understanding of security control across all security domains such as access management, encryption methods, vulnerability management, network security, etc.
Strong knowledge of risk management practices and security governance programs.
Past or current certifications in one of the following areas: ISA, QSA.
Recommended skills, abilities, and certifications
Certifications in one or more of the following areas are preferred: CISSP, CISA, CISM, GISO, GCIH, and CIPP.
Architectural level experience in information security, data compliance, and risk management.
Proven people management experience – worked with a variety of teams globally.
Experience in planning, organizing, and developing information technology policies, procedures, and practices.
Ability to propose creative solutions to successfully remediate identified compliance issues.
No. of RR's – 2
SO ID - 51941308_1
Location – Issaquah WA
Mandatory Skills - Sap Security,Sap Hana,Sap Ecc
Client JD
Job Description: SAP Security and GRC
Tasks and responsibilities
Create and maintain user Roles and Authorization profiles (PFCG).
Maintain users and roles in SAP ECC, CRM, Solution Manager, BI, BOBJ, PI, Enterprise.
Design, implement and maintain appropriate security throughout the SAP landscape.
Troubleshoot SAP security errors efficiently and accurately.
Experience in GRC areas –
Account Request Management (ARM)
Access Risk Analysis (ARA)
Emergency Access Management (EAM)
IT Risk Management, SOX compliance, and/or auditing with a strong background in IT controls
Maintain SAP security policies and documentation.
Liaise with network administrators, systems analysts, and software engineers to assist in resolving security problems with software products or company software systems.
Work with User Information System, creating and changing security policies for users and assigning users to roles.
Secure Tables and Programs by creating custom Transaction codes.
Monitoring the critical transaction codes and ensures that they are assigned to the concerned users only.
Managing user login parameters and password parameters.
Troubleshooting skills using trace, other mechanism required
Experience in CRM UI authorization required
Very strong experience in Security. Need to work with senior security resources from the client.
Required skills, abilities, and certifications
Minimum of 9 years of experience with SAP Security across various applications including but not limited to S/4 HANA, ECC, CRM, GRC, BW, MDG, Fiori, PI/PO, eWM, Enterprise Portal, HR portal, and Solution Manager
Must have experience in Refresh & Upgrades
Understanding of SAP cloud security
Experience with SOD conflict resolution
Understanding of AD-authenticated Single Sign-On preferred.
CUA knowledge preferred.
Audit and compliance experience in Sarbanes-Oxley / publicly traded commercial environment preferred.
Creating the Developer Keys for the developers and OSS ID's for SAP Users from SAP Service Place and extending their Validity for OSS notes
Producing SoD Analytical Reports (both Summary and Detail) against Users, User Groups, Roles and Profiles using RAR.
Mitigation and remediation of users and roles for SOX using User/Role Analysis in RAR.
Bhaskar kumar Koppisetti
Email :kumar.koppisetti@3sbc.com
Hangout : bhaskarkumar3sbc@gmail.com
An E-Verified Company
Note: If you are not able to reach me over the phone please email me , I will reply to you ASAP.
To be removed from our mailing list reply with "remove@3sbc.com" and include your "original email address/addresses" in the subject heading. Include complete address/addresses and/or domain to be removed. We will immediately update it accordingly. We apologize for the inconvenience if any caused. Please consider the environment before printing this email. Go Green
--
You received this message because you are subscribed to the Google Groups "hotrequirements223" group.
To unsubscribe from this group and stop receiving emails from it, send an email to hotrequirements223+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/hotrequirements223/12ca42d1-6f2c-4e96-acbe-d1aa3ee46adfn%40googlegroups.com.
Comments
Post a Comment
Thanks