System Administrator Advisor - SAP Security
Diamondback Energy · Dallas, TX · 2 wk ago
Information TechnologyFull-time
Job Duties And Responsibilities
- Design, deploy and maintain security solutions that enables the business community to achieve their goals while providing proper identity and access management controls
- Analyze processes and system user needs to deliver quality solutions that meet both business and functional end-to-end requirements
- Drive overall security strategy including role design and provisioning for S4Hana ecosystem including SAP S/4 HANA, FIORI, GTS, Solution manager, HANA & other Databases, BTP, etc.
- Identify security risks, determines the root causes of security violations, suggest the risk mitigation and control measures and build required procedures and controls
- Ensure SAP security development and deployment execution aligns with standards, methodologies, and processes
- Identify the root cause of the issues and providing a permanent solution
- Daily monitoring of jobs that are necessary for the GRC application(s) to run effectively and efficiently, for example nightly management risk analysis reporting
- Responsible for day-to-day technical support and resolution of security issues, troubleshooting sap security problems including approval procedures and all the necessary compliance
- Develop and maintain processes with applicable documentation related to security by coordinating with IT management and governance teams
- Work with IT management as well as governance groups to facilitate appropriate controls around user/system access
- Proactively Interact with senior management to discuss and explain issues affecting users or systems
- Generate SOX/ad hoc reports on monthly/quarterly/semi-annual basis
- Provide production support and enhancement testing for existing security roles and positions/functions
- Work closely with SAP functional teams to create roles, profiles and authorizations that meet audit requirements as well as functional requirements for end users
- Maintain Segregation of Duties for the SAP environment (e.g. HR/Payroll, BASIS, Security Administration, and BI)
- Work collaboratively with a team to design, build and deploy security frameworks, devices and applications
- Vulnerability Assessment and Penetration Testing: Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address potential security weaknesses in SAP S/4 environments
- Able to provision and de-provision users and roles with appropriate SAP security levels
- Able to effectively prioritize tasks in a high-speed environment
Required Qualifications
- Bachelor's Degree in Business Management, Information Systems or related field or equivalent in years of experience
- Four (4+) years in-depth experience in SAP GRC, Role Administration & Security implementation, and production support in ECC 6.0/S4-HANA
- Experience with SAP S/4 HANA security and authorizations
- Experience in SAP S/4 HANA version 1909 or later
- Experience in creating and assigning FF ID's and extracting Fire Fighter logs
- In-Depth understanding of SAP Security Role design & GRC Architecture
- Very good understanding of role remediation, setting up of SAP Security processes
- Expertise in SAP Security automation and scripts creation for mass maintenance
- Expertise in Running and publishing various SOX reports like, UAR, Critical Actions, SOD, Critical Permissions, Firefighter Log Review
- Experience in maintaining and troubleshooting Structural Authorizations
Preferred Qualifications
- Experience in SAP security engagements with cloud applications, Azure, etc
- Experience in supporting end-to-end SAP Security projects, Security and GRC workshops, testing support, Cutover prep, and Hyper care activities
- Experience in Role design in S/4 with Catalog and Group for Fiori Apps and good analytical skills in issue resolution
- SAP GRC Certification
- In-Depth understanding on FIORI requirement specifications, design, development, and testing
- In-Depth understanding of core BASIS functions and activities
- Minimum of three (3+) years of SAP experience within a large organization including implementing and supporting
- Experience in creating/maintaining GRC solutions
- Experience creating user and security roles for Fiori applications
- Experience with SOD development and ongoing controls
- Role administration across multiple landscape
- Oil and Gas experience preferred
- Experience with system monitoring, background job administration, spool administration
- Experience working with SAP GRC 10.0/10.1, SAP HCM and SAP Solution Manager
- Experience with SAP GRC Access Control configuration that includes MSMP and BRF
- Strong knowledge in provisioning to SAP LDAP and SAP Enterprise Portal platforms for ABAP Roles, UME Roles, and Portal Roles/Groups