Lead SAP Security & GRC Consultant

Infosys is seeking a Lead SAP Security & GRC Con sultant

As a Lead Consultant, you will be a key player in the consulting team that helps discover and define the problem statement, evaluates the solution options and makes recommendations. You will create detailed design, architecture and process artifacts and implement the deployment plan. You will also support knowledge transfer with the objective of providing value-adding consulting solutions that enable our clients to meet the changing needs of the global landscape.

Basic Qualifications

• Bachelor's degree or foreign equivalent required from an accredited institution. Will also consider three years of progressive experience in the specialty in lieu of every year of education.

• Atleast 7 years of technical experience with S/4 security and GRC configuration for global deployment.
  
• This individual will work closely with functional, business and audit teams to gather security requirements. Design and implement security solutions, in compliance with Security, regulatory, organizational and SOX controls.
  
• Atleast 7 years of hands-on experience in defining SAP Security approach, role design, authorization concepts and user provisioning
  
• In-depth knowledge of SAP authorization concepts for S/4 HANA, BW, BPC, SAC, BODS, Fiori, Solution Manager and SAP PO environments.
  
• Experience in role and group modelling for HANA database access in S4 environment.
  
• Collaborate with business and audit teams to manage security effort, design, test, and final move to production in implementing security solutions
  
• Manage on-going security role and authorization changes to meet business and security compliance requirements
  
• Expertise with the GRC suite of applications, Segregation of Duties, and Audit processes. SAP GRC 12.x Access Control experience mandatory.
  
• Experience in implementing and managing core GRC modules ARA, ARM, EAM, BRM. Define Risks, conduct risk analysis and monitor for continuous improvements and compliance
  
• Work with Business, Audit teams to conduct periodic SOX audit reviews
  
• Support business, audit, and IT teams to define mitigation controls and support on-going maintenance
  
• Responsible for developing and administering application security for global SAP environments to ensure all application modules are functional and secure.
  
• Works with business and project teams to troubleshoot issues with authorization objects and identify and implement appropriate solutions
  
• Run and monitor all SOX related reports, look for issues, communicate concerns and provide solutions in a timely manner.
  
• Provide training of support team and business users including documentation updates
  
• Work in an on-call support model
  
• Nice to have experience integrating SAILPOINT with SAP for user /role provisioning.
  
• Ownership and accountability
  
• Independent decision making
  
• Excellent communication & interpersonal skills - written and oral
  
• Strong drive for results
  
• Strong interpersonal skills
  
• Bachelor's degree in Business, Computer Science, Information Technology, or equivalent job-related experience
  
• As part of the SAP Application security this senior role will have responsibility to implement S/4, BPC, SAC, PO, BODS,Solman security modelling, data security, cross broader application security implementation, role compliance, EAM, BRM, role modelling in S/4 global roll out scenarios. Demonstrate professional experience in GRC and configuration / customozations in GRC. Experience in SailPoint integration is a plus. As part of the Security Center of Excellence (SCOE) the candidate will provide hands on leadership working individually or with teams to support existing applications and participate in new projects.
  
  • Hands on experience / Knowledge SAP BTP, IAG.
  
  • Set-up and manage the Application Security in various areas of BTP such as BTP standard /custom authentication, provisioning.
  
  • Should have knowledge on BTP Security aspects such as SSO, Oauth, Idp, etc..
  
  • Design of roles on BTP and accommodating them in the backend roles as well.
  
  • Good understanding on IAG, IAS, IPS functionalities.