SAP Compliance and Security Specialist
Published | November 2, 2018 |
Location | Colonial Heights, VA |
Category | Default |
Job Type | Full-time |
Description
This position is on the staff of a government consulting firm located in Tysons, VA. The SAP Compliance and Audit Readiness Specialist will work on-site at client organization located in Richmond, VA assisting the GCSS-Army Audit Readiness lead. The primary responsibilities include supporting external audit reviews, preparing documentation to support audit reviews, collaboration with AESIP Financial Compliance Division to ensure consistency at Army Enterprise level, conducting and documenting annual reviews of internal controls, and assisting Audit Readiness lead in building compliance framework to ensure internal controls are defined, communicated and adhered to. Position will assist with the validated and documented of internal controls. Additional responsibilities will include efforts pertaining to management of the SAP Firefighter elevated system access reviews, to include inventory of provisioned IDs, updating and obtaining documentation and approvals for all IDs, pro-active management, monitoring and documentation of Firefighter requests, training and review of audit logs. Additional responsibilities include but are not limited to management, monitoring and documentation of the annual SAP role reaffirmation process as well as development of policies and procedures to support Audit Readiness requirements.
Responsibilities
- Support Audit Readiness lead during external and internal Audit Activities. Ability to meet tight deadlines. Ability to manage several priorities simultaneously. Must be CAC ready to access SAP and program systems
- Ability to successfully collaborate with AESIP FCD, GCSS-Army PMO and LSI on in support of all Audit Readiness requirement
- Ability to run SAP Security/SUIM reports to obtain information for audit inquiries and reviews.
- Ability to generate, review, and follow up on exceptions for SAP Firefighter Access or elevated system access privileges.
- Ability to use SAP system to research Firefighter history usage to gain information about individual activities.
- Familiarity with SAP tables and queries to generate users data for role reaffirmation efforts.
- Ability to effectively use all technology to document annual role reaffirmation efforts.
- Ability to execute SoD and Critical Action reports using GRC tools.
- Ability to review SOD and CA reports for exceptions and to make recommendations to remediate SOD conflicts.
- Solid understanding of SAP Security and User ID provisioning procedures Understand of authentication concepts.
- Provide tactical and strategic GRC support to Audit Readiness remediation efforts for project systems including SAP ECC, Portal, PI, BI, Store & Forward, CUA, GRC, Netweaver Gateway, and CE.
- Ability to diagnose SAP access and authorization issues and provide corrective recommendations.
- Understanding of authentication concepts and regulatory compliance.
- Requires a range of SAP technical, landscape and authorization knowledge.
- Understand where to obtain various sources of audit information within an SAP environment.
- Conduct SAP Role Reaffirmation process and other technical assessments to support customer requirements.
- Manage, support and coordinate privileged access request process. Maintain documentation of approvals, AUPs, training materials.
- Provide governance monitoring of privileged access review. Document reviews, approvals and maintenance of documentation for Audit Readiness purposes.
- Recommend improvements to the System Access Request process. Provide governance and monitoring of the access request process.
- Able to accomplish deliverables involving complex and highly analytical tasks.
- Able to create detailed procedures for SAP Security and Compliance activities.
- Provide technical assistance in training all levels of SAP users, including translation of ERP system technical literature in terms understandable to end users.
Qualifications
- Bachelor’s degree required in Business Administration, Computer Science or comparable degree.
- 5+ years experience with internal or external audits.
- SAP Security experience-knowledge of role and position based security Information Systems Security certifications are a plus Experience with SAP GRC Access tools
- Experience using Microsoft Office (Excel)
- Prior Army service a plus Excellent written and oral communications skills
- Active DoD SECRET clearance.