Sr. SAP S4H Security SME

Technology\n\n * Designing access roles for the SAP S4H environments across multiple domain such as finance, supply, procurement, engineering etc.\n * Implement best practices in the area of Role build, testing and transport.\n * Define Role Transport strategy for a highly complex multi-tier environments with separate Sustain and Project Tier.\n * Propose security best practices for Solutions built on SAP BTP.\n * Review and share access controls, authentication protocols for 3rd party apps integrations.\n * Define SOD Risks and mitigation controls by collaborating with process experts, GRC Teams.\n * Provide input to GRC technical teams to update SoD risk matrix with new transaction codes/Fiori apps etc.\n * Review custom code, and propose the authorization check to ensure the Organization level controls can be implemented via roles.\n * Review and update authorization defaults for transactions, Fiori apps, Web-dynpros etc.\n * Experience of defining audit controls, engage with auditors to drive internal and external audit evidence gathering. \n * Assist in design, document and continually enhance SAP security administration policies, processes, and procedures for the SAP environment.\n * Support the project teams on SAP Transports using during major releases, dual maintenance/retrofit and object conflict issue resolution \n * Update and maintain procedure documentation, present to larger team.\n * Propose technical governance (standards, best practices, etc.), document and present to Larger team.\n\n\n\nBusiness\n\n * Engage with the Business Process Owners, Product Owners, and internal stakeholders to capture access control requirements. \n * Work closely with Business analysts, Org Governance Teams and SMEs\n * Liaise with CyberSecurity Teams, Internal/External Audit and Internal Risk \u0026 controls teams.\n * Work closely with Project managers, define Access controls Design, Build, Test Plans identify risks to the projects.\n * Work with internal Training team, deployment teams closely on content development, delivery and communications. \n\n\n\nExternal Presence\n\n * Participate in technical forums and other appropriate events\n\n\n\nEssential qualifications\n\n * Bachelor\u00b9s or Master\u2019s degree in Information Science, Computer Science or related field\n * 10 to 12 years of SAP Security Experience\n * Minimum 2 S4H Greenfield, Brownfield implementation Experience\n * Experience of working on complex SAP rollout projects\n * Excellent communication, verbal, presentation and written skills\n\n\n\nKey competencies in SAP Security\n\n * Expertise in application security S4H, Fiori, HANA, SAP BTP with deep understanding of authentication, user provisioning, role design management. \n * Experience of Master \u2013 derived, Value \u2013 Enabler technical roles with inclusion of tcodes, Hana views, Fiori Apps etc. \n * Expertise in Fiori role build, especially Pages, Spaces, Catalogue, Groups, apps etc.\n * Understanding of OData V2, V4 services, API Security, and troubleshooting complex Fiori and Hana access issues. \n * Exposure to BTP role build in Abap Environment, HANA Cloud (XSA apps), IAS, IPS, Audit logging, Credential store services etc. \n * Business process understanding on Core Domains like Supply, logistics, procurement, Trade Controls and Master Data Governance.\n * Possess experience reviewing custom transactions, updates authorization defaults, with good understanding of authorization objects across domains, including sensitive admin transaction codes. \n * Experience of developing attribute-based access provisioning designs, with exposure to provisioning tool IDM, Saviynt.\n\n\n\nOther skills and abilities\n\n * Ability to work in global distributed setting without supervision.\n * Self-driven, Proactive, Out -Of -Box Thinker\n * Flexible and reliable- displaying great ownership in all aspects.\n * Open to travel abroad and in India\n\n\n