SAP GRC Security Analyst

at PepsiCo
Location Plano, TX
Date Posted November 30, 2020
Category Default
Job Type Full-time

Description

Auto req ID: 218688BR

Job Description

SAP GRC Security Analyst

The Security Analyst position is a hands-on SAP GRC role that would be responsible for maintaining the Access Control module along with implementing continuous improvement initiatives, evaluating risks as it relates to SAP GRC. The analyst is preferred to have hand-on experience in Process Control and Risk Management modules within GRC.
The analyst will also be responsible for executing SOX controls and ensuring that operational activities are in compliance with security standards and policies. The analyst will also be required to participate in project-related activities while staying abreast with the latest solutions/ capabilities within SAP Security and GRC space.

The job responsibilities include:

  • Configure and maintain GRC 12 access control workflows and configuration
  • Ensure SAP GRC tickets are resolved in a timely manner and within SLA
  • Maintain and document GRC configuration standards
  • Monitor the GRC workflow and master data design to support Sarbanes-Oxley Compliance (SOX), including Segregation of Duties (SoD) and business/ technical sensitive transactions
  • Maintain SAP GRC systems to follow the Security standards and policies
  • Maintain Master data within GRC systems
  • Assist during yearly GRC upgrades with the execution of test scripts, contributing to identifying new test cases
  • Analyzing SOD risks in partnership with the Control Organization
  • Manage Security and/or GRC requirements for Work intake Projects (estimates, cross-charges, requirements gathering, etc.)
  • Execution of ITGC control testing on GRC systems
  • Train end-users and IT teams on GRC processes and procedures
  • Provide assistance during external and internal audits
  • Participate and drive workshops and team discussions between SAP security and GRC teams
  • Integrate security governance within the overall control environment and sustain activities with the impacted parties
  • Interaction with audit, risk, and control personnel to explain and evaluate the structure and design of GRC processes
  • Plan, communicate and coordinate key control (e.g., SOX) activities such as the quarterly related IT application control reporting

Qualifications/Requirements

Bachelor's Degree or equivalent experience
Experience:

  • Minimum of 2+ years' experience in implementing SAP GRC, Security and Controls
  • Minimum of one full life cycle implementation
  • Broad understanding of Sarbanes Oxley compliance framework. Familiarity with audit, business controls, and segregation of duties is a plus
  • General understanding of principles of risk and control processes and deep understanding of SAP GRC Access control concepts
  • Knowledge about the SAP authorization concept and prior experience in security role design, GRC configuration and SOD mitigation
  • Good understanding of various role design concepts on SAP ECC, BI, CRM, XI, HANA, GRC systems
  • Proficient knowledge in Microsoft office tools including MS Access
  • Prior knowledge of ticketing tools and Change management process
  • SAP certification preferred

Ability to travel upto 50% for various deployments within US

AF-TechRelocation Eligible: Not Eligible for Relocation
Job Type: Regular

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity

Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the Fair Credit Reporting Act, and all other applicable laws, including but not limited to, San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance; and Chapter XVII, Article 9 of the Los Angeles Municipal Code, commonly referred to as the Fair Chance Initiative for Hiring Ordinance.

If you'd like more information about your EEO rights as an applicant under the law, please download the availableEEO is the Law &EEO is the Law Supplement documents. View PepsiCo EEO Policy

Please view ourPay Transparency Statement