SAP SECURITY Consultant

JD for SAP S/4 HANA Fiori and GRC consultant: Minimum of 10-12 years of experience

GRC:

• GRC End-End Implementation (minimum 2 Life Cycle)

• Activation of BC Sets / IMG Nodes

• Activation of SICF services for GRC AC, PC and RM

• Create new connectors and maintain connector groups

• Creation of Initiator Rule, Agent Rule, Notification variable rule & Routing rule

• Maintain Configuration setting

• Designing of Fiori Rule Set for GRC-Fiori Integration

• Configuring integration scenarios (SUPMG, AUTH, ROLEMG, PROV)

• GRC Multi-Stage Multi-path (MSMP) workflow customization and maintenance

• Creation of Function ID's

• BRF+ customizing for Workflow maintenance

• Risk ID creation and changes for new authorization maintenance

• Mitigation ID creation and maintenance

• Remediation of risks based on simulation results

• Maintain new connectors for accessing through GRC

• Maintain Role methodology for different role type through condition groups

• Maintain EUP for use in different scenarios

• Configure Password self-service

• Maintain the Synchronization jobs.

• Maintain rule sets for customized risk ID's and function ID's.

• Create mitigation control and mitigating risks

• GRC integration with SuccessFactors for Risk analysis and Access provisioning

• GRC integration with SuccessFactors for HR trigger

• GRC integration with HANA DB for access provisioning and risk analysis

• Designing new Process Control CCM's or enhancing existing controls based on compliance requirements

SoD Risk Remediation / Mitigation, ITGC and Audit:

• Designing of SoD Risk Ruleset

• Building Fiori Risk Ruleset to detect SoD risks arising from conflicting Fiori apps

• SoD clean-up and role redesign project for risk remediation and mitigation

• Building HANA Risk Ruleset for detecting SoD risks at HANA DB level involving privileges

• Experience in GRC configuration review, ruleset review and reviewing of mitigation controls to ensure their risk coverage

• Design and review of RACM

FIORI:

• Fiori Spaces and Pages Design as per Business Roles

• Activation of OData services SICF nodes

• Maintain Symantec Objects for Fiori Apps

• Maintain Target Mapping for Custom Fiori Apps

• Fiori GRC integration and design of Fiori ruleset

• Troubleshooting Fiori issues including authorizations using IWFND/ IWBEP Error logs and browser console

• Implementation and configuration of new Fiori design language involving Fiori Spaces and Pages based on business roles

• Implementation of Fiori App Support functionality to expedite Fiori & authorization related issues

• Migration from distributed Fiori landscape to embedded architecture

• Fiori landscape redesign by replacing Fiori Groups with Spaces and Pages

S/4 HANA & ECC- R3 BI/BW and HR Upgrade/ Migration/ Security:

• Table access Maintenance and mapping tables to authorization groups using SE54

• SU24 maintenance, SU25 Step execution

• Enabling system Security policies and organizational criterion for S_TABU_LIN

• Mapping programs to authorization groups using RSCSAUTH and restrict access using S_PROGRAM / S_PROGNAM

• BI/BW Analysis Authorization creation and maintenance

• Experience in BW Analysis Authorizations

• CUA administration

• Authorization tasks pertaining to ECC to S/4 HANA Migration

• SAP ERP and S/4 HANA Compliance Audit

• One ECC to S/4 Hana Migration

• SECATT, LSMW, GUI scripting for mass maintenance tasks

• S/4 HANA UI Masking and UI Logging for GDPR

HANA Security (User Admin and Role Admin)

• Creating and maintaining Analytic, SQL, Package, System & Application Privileges.

• Restricting access to Schemas, Views, Tables, Procedures using Privileges

• User Administration involving standard and restricted users

• Analytic View, Attribute Views & Calculation Views

• Changing Parameter files (e.g.- Indexserver.ini)

• Creating and transporting HANA Packages using Delivery Units

Good to have:

• Understanding of SAP Functional and business knowledge

• Experience in CFIN, MDG security and authorizations on S/4 HANA

• Experience in designing GRC / IAG risk ruleset for Fiori apps and Cloud applications

Qualifications

GRC:

• GRC End-End Implementation (minimum 2 Life Cycle)

• Activation of BC Sets / IMG Nodes

• Activation of SICF services for GRC AC, PC and RM

• Create new connectors and maintain connector groups

• Creation of Initiator Rule, Agent Rule, Notification variable rule & Routing rule

• Maintain Configuration setting

• Designing of Fiori Rule Set for GRC-Fiori Integration

• Configuring integration scenarios (SUPMG, AUTH, ROLEMG, PROV)

• GRC Multi-Stage Multi-path (MSMP) workflow customization and maintenance

• Creation of Function ID's

• BRF+ customizing for Workflow maintenance

• Risk ID creation and changes for new authorization maintenance

• Mitigation ID creation and maintenance

• Remediation of risks based on simulation results

• Maintain new connectors for accessing through GRC

• Maintain Role methodology for different role type through condition groups

• Maintain EUP for use in different scenarios

• Configure Password self-service

• Maintain the Synchronization jobs.

• Maintain rule sets for customized risk ID's and function ID's.

• Create mitigation control and mitigating risks

• GRC integration with SuccessFactors for Risk analysis and Access provisioning

• GRC integration with SuccessFactors for HR trigger

• GRC integration with HANA DB for access provisioning and risk analysis

• Designing new Process Control CCM's or enhancing existing controls based on compliance requirements

SoD Risk Remediation / Mitigation, ITGC and Audit:

• Designing of SoD Risk Ruleset

• Building Fiori Risk Ruleset to detect SoD risks arising from conflicting Fiori apps

• SoD clean-up and role redesign project for risk remediation and mitigation

• Building HANA Risk Ruleset for detecting SoD risks at HANA DB level involving privileges

• Experience in GRC configuration review, ruleset review and reviewing of mitigation controls to ensure their risk coverage

• Design and review of RACM

FIORI:

• Fiori Spaces and Pages Design as per Business Roles

• Activation of OData services SICF nodes

• Maintain Symantec Objects for Fiori Apps

• Maintain Target Mapping for Custom Fiori Apps

• Fiori GRC integration and design of Fiori ruleset

• Troubleshooting Fiori issues including authorizations using IWFND/ IWBEP Error logs and browser console

• Implementation and configuration of new Fiori design language involving Fiori Spaces and Pages based on business roles

• Implementation of Fiori App Support functionality to expedite Fiori & authorization related issues

• Migration from distributed Fiori landscape to embedded architecture

• Fiori landscape redesign by replacing Fiori Groups with Spaces and Pages

S/4 HANA & ECC- R3 BI/BW and HR Upgrade/ Migration/ Security:

• Table access Maintenance and mapping tables to authorization groups using SE54

• SU24 maintenance, SU25 Step execution

• Enabling system Security policies and organizational criterion for S_TABU_LIN

• Mapping programs to authorization groups using RSCSAUTH and restrict access using S_PROGRAM / S_PROGNAM

• BI/BW Analysis Authorization creation and maintenance

• Experience in BW Analysis Authorizations

• CUA administration

• Authorization tasks pertaining to ECC to S/4 HANA Migration

• SAP ERP and S/4 HANA Compliance Audit

• One ECC to S/4 Hana Migration

• SECATT, LSMW, GUI scripting for mass maintenance tasks

• S/4 HANA UI Masking and UI Logging for GDPR

HANA Security (User Admin and Role Admin)

• Creating and maintaining Analytic, SQL, Package, System & Application Privileges.

• Restricting access to Schemas, Views, Tables, Procedures using Privileges

• User Administration involving standard and restricted users

• Analytic View, Attribute Views & Calculation Views

• Changing Parameter files (e.g.- Indexserver.ini)

• Creating and transporting HANA Packages using Delivery Units

Good to have:

• Understanding of SAP Functional and business knowledge

• Experience in CFIN, MDG security and authorizations on S/4 HANA

• Experience in designing GRC / IAG risk ruleset for Fiori apps and Cloud applications

Schedule: Full-time
Req: 0093OU