Risk & Security Analyst
Cargill
Bangalore KA India
6d ago

Cargill provides food, agriculture, financial and industrial products and services to the world. Together with farmers, customers, governments and communities, we help people thrive by applying our insights and over 150 years of experience.

We have 160,000 employees in 70 countries who are committed to feeding the world in a responsible way, reducing environmental impact and improving the communities where we live and work.

Description

Position Purpose & Summary

The SAP Security Specialistcollaborates with multiple SAP project resources, businesses, IT teams,Partners and TGRC teams to provide SAP security technical designs that leveragesecurity strategies, policies, and procedures for assigned projects.

This is amid-level role with broad awareness of SAP Secure Operations Framework componentsand expert level knowledge of SAP User and Authorization concepts.

TheSpecialist leverages requirements that have been defined by Security Architectsto ensure that security designs are supportive of those requirements andimplemented appropriately.

SAP Security Specialists empower Security Partnersto configure and implement security configurations to meet design requirementsand ensure that projects are rolled into SAP security operational processes.

Principal Accountabilities

LeadSAP Projects which have been assigned 30%

  • Provide SAP Security oversight to assignedprojects; primary point of contact for TGRC SAP (post hand-off by SAP SecurityArchitect) on the project that drives security activities and provides guidanceto project team members on security topics and processes
  • Complete Security Technical DesignSpecifications (TDS) for components of SAP projects as identified during SAPSecurity Assessment, including but not limited to :
  • Parameters
  • Client Settings
  • Integrations ERPM, SailPoint, GRC,Flexnet, Onapsis, MS Azure SSO, Live Compare, etc.
  • SAP Role Design (transactions, apps,privileges, authorizations, permissions)
  • SailPoint IIQ Business Role Design
  • Users
  • Custom Development
  • Table Access
  • Authorization Objects
  • Fire Fighter
  • Logging
  • Communications (RFCs, ICF, UCON, SSL, SNC, etc.)
  • Security Test Management
  • Transactions & Fiori Applications
  • Data Masking
  • Data Scrambling
  • Collaborate with various project teammembers (TGRC, Functional / RDC / DBT, Development, Basis, BI, Middleware,Business, etc.
  • to ensure that appropriate security controls are designed tomeet both business and TGRC requirements; leverage security strategies

  • Vet Solution & Functional Designs andincorporate into Security TDS as appropriate
  • Hold Security workstream projectmeetings; provide status updates to Project Managers
  • Request and analyze Onapsis securityscans against project systems; drive remediation of security gaps that areidentified as result of the project;
  • provide gate approval for the Securityworkstream

  • Perform Security Unit Testing in SAPDevelopment systems to confirm security designs have been configuredappropriately prior to System Integration Test (SIT) or other test phasesthereafter
  • Provide Security Cutover Plan to CutoverLead
  • Document bulk load deliverables forsecurity roles and users and coordinate with CCE, Security Partners & TGRCIDM Team
  • Perform project validations of securityconfigurations in SAP production systems
  • Maintain TGRC SAP Trackers withappropriate values introduced as part of a project (Org Tracker, Process RoleTracker, etc.)
  • Escalate project scope changes witharchitecture impact to Security Architects
  • Raise security exceptions or findings toTGRC Vulnerability Analyst and / or Sec Arch assigned to the project
  • Hold Security Knowledge Transitionmeetings with TGRC and Security Partners
  • Project Deliverables : Vulnerability Scan,Security TDS, Custom Transaction Code Requirements, Fiori App Requirements,Security Unit Test, Bulk Role Upload, Bulk User Upload, Project Review,Security Validation
  • LeadSecurity Roadmap Initiatives (Small Works) 20%

  • Lead assigned Roadmap initiatives
  • Identify tasks to complete roadmapinitiatives
  • Coordinate resources, changes (system,documentation, etc.) to support delivery of the roadmap work
  • SAPSecurity Roadmap Initiative / Signature Project Resource 10%

  • Fulfill project-based responsibilities asassigned by the project that may include : system analysis, POC configuration,coordination of tasks and Partner activity, development of reports, andpreparation of documentation.
  • SAPSecurity Governance 10%

  • Provide vetting and approval for changesto security that can introduce risk to the SAP landscape resulting from changerequests, projects, upgrades, operations, enhancements, incidents, etc.
  • asidentified in the change catalog.

  • Provide vetting and design requirementsfor RPA BOT enablement requests
  • On-CallSAP Security Resource 10%

  • Participate in on-call rotation forsecurity incidents and escalations during traditional non-working hours
  • AuditResource 10%

  • Respond to Audit inquiries as assigned.Provide explanations, evidence as needed.
  • OperationalSecurity Resource 10%

  • Operational responsibilities thatare assigned by the SAP Security Program Lead that are supportive of TGRC SAPsteady state
  • Qualifications

    Education,Experience, Skills

    Required Qualifications

  • Bachelor’sdegreein Information Systems,Computer Science or any other discipline
  • TotalSAP Security & Basis experience 8+ years
  • BA / MAdegree in Computer Science, Information Systems, Information Technology, oranother related field
  • Strongknowledge with SAP ABAP, HANA, Java and Cloud systems security
  • Strongknowledge working with SAP GRC
  • Atleast 3 full implementation cycles fulfilling core SAP Securities activities(architect, design, deploy, verify)
  • Experienceof support partner collaboration & governance
  • Experiencewith interacting and managing effective communications with IT leadership.
  • Strongwritten and verbal communication skills.
  • Abilityto work in a team environment.
  • Ability tocreate and work with large and highly-complex security concepts and structures
  • StrongKnowledge on audit controls and SOD
  • Information Technology

    Report this job
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form