SAP NS2 Intel Enterprise Software Application Security and Governance, Risk & Compliance; GRC; TS​/SCI

SAP NS2 Intel Enterprise Software Application Security and Governance, Risk & Compliance (GRC)
TS/SCI

We help the world run better At SAP, we keep it simple: you bring your best to us, and we'll bring out the best in you. We're builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what's next. The work is challenging – but it matters. You'll find a place where you can be yourself, prioritize your wellbeing, and truly belong.

What's in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.

NS2 Intel Enterprise Software Application Security and Governance, Risk & Compliance (GRC) Consultant-onsite Chantilly-Active TS SCI+poly

NS2 COMPANY DESCRIPTION

SAP is the global market leader for business software and related services. SAP National Security Services Inc.® (SAP NS2®) is an independent U.S. subsidiary of SAP. At SAP NS2, we leverage best-in-breed technologies engineered by SAP to protect the lives, assets and information of Americans. We offer SAP solutions with specialized levels of security and support to meet the requirements of U.S. national security and critical infrastructure customers.

This position requires access to customer data;
Must be a U.S. citizen. SAP NS2 does not offer Visa sponsor ships for this role. All internals must have manager’s approval to transfer.

The SAP NS2 Security and GRC Consultant candidate will be responsible for leading our security and controls team in delivery and maintenance of solutions that meet our client’s complex needs. The candidate should be an experienced manager who still does hands-on work and has the necessary knowledge of SAP/other ERP software and GRC to effectively work with minimal supervision. Candidates should have knowledge or previous work experience in managing SAP/or other ERP software and GRC tools in a cloud environment, understanding the complexities that come with cloud, and can effectively communicate cloud security design/architecture ideas to technical as well as non-technical client stakeholders.

This is a full-time position, and due to security requirements is on-site only.

Skills/Experience Requirements

• 5-8+ years' experience managing SAP/other enterprise software application security and SAP/other enterprise software GRC Access Control for the client's SAP landscape, from development up to production.
• Ability to design, configure, develop, and maintain SAP/other enterprise software roles (composite and single) to align with business requirements.
• Participate in role redesign projects during upgrades or business transformations.
• Deep understanding of SAP/other enterprise software authorization concepts catering to SAP ECC, SAP S/4 HANA systems, and SAP GRC Access Control (10.x and 12.x).
• Experience in Security/GRC implementation and maintenance, to include minor enhancements as well as support pack/version upgrades.
• Extensive hands-on experience with GRC master data creation and maintenance, performing risk analysis and remediation activities, batch job monitoring, audit & compliance support activities (user management controls, access certification, etc.), and BRF+ and MSMP workflows.
• Ability to effectively and efficiently troubleshoot security access issues, interacting with key functional/business stakeholders as necessary in order to resolve SAP/other enterprise software Security/GRC errors/exceptions.
• Keeps oneself constantly abreast of the latest advancements on SAP ECC, S/4 HANA, and other emerging security authorization concepts.
• Knows the risks associated with enterprise application security vulnerabilities, and proposes solutions to eliminate and/or mitigate those risks.
• Understanding of NIST, SOX, SOD, and SAP IT General Computer Controls, how these compliance requirements impact security, and provide solutions to address them.
• Support, develop, and enable junior team members.
• Provide SAP security technical training to client counterparts, as needed.

Additional Requirements

• BA/BS Degree, ideally in Computer Science, Cyber Security, Information Security, Engineering, Information Technology or related field- OR equivalent…