SAP GRC and Security Analyst - Gravity IT Resources : Job Details

PLEASE READ BEFORE APPLYING:

Due to the nature of the work being performed this role requires active US Citizenship.

• We can ONLY consider US Citizen's for this role (NO Green Card, EAD, H1B, etc..)

Job Title: SAP GRC and Security TPM

Location: Cincinnati, OH

Job Summary: We are seeking a skilled SAP GRC and Security Analyst with 3-5 years of experience to join our team. The ideal candidate will be responsible for managing and enhancing our SAP GRC and security processes, ensuring compliance with SOX and CMMC requirements, and supporting the overall security posture of our SAP environment.

Key Responsibilities:

SAP GRC Management:

• Implement and maintain SAP GRC Access Control and Process Control modules.
• Conduct risk assessments and manage risk mitigation plans.
• Monitor and report on compliance with internal policies and external regulations.

Security Administration:

• Design, implement, and manage SAP security roles and authorizations.
• Perform user access reviews and segregation of duties (SoD) analysis.
• Ensure proper user provisioning and de-provisioning processes.

SOX Compliance:

• Support SOX compliance efforts by ensuring that SAP security controls are in place and effective.
• Prepare and maintain SOX documentation and evidence for audits.
• Collaborate with internal and external auditors to facilitate SOX audits.

CMMC Compliance:

• Ensure compliance with CMMC requirements by implementing necessary security controls and practices.
• Prepare and maintain CMMC documentation and evidence for audits.
• Work with internal and external stakeholders to ensure CMMC certification and compliance.

Incident Management:

• Investigate and respond to security incidents and breaches.
• Implement corrective actions to prevent future incidents.

Continuous Improvement:

• Identify opportunities for process improvements and automation within the SAP GRC and security framework.
• Stay updated with the latest SAP security patches and updates.

Collaboration:

• Work closely with IT, internal audit, and business teams to ensure alignment on security and compliance objectives.
• Provide training and support to end-users on SAP security best practices.

Qualifications:

• Bachelor's degree in Information Technology, Computer Science, or a related field.
• 3-5 years of experience in SAP GRC and security roles.
• Strong understanding of SAP GRC Access Control and Process Control modules.
• Experience with SOX and CMMC compliance and audit processes.
• Proficiency in SAP security concepts, including roles, authorizations, and user management.
• Knowledge of segregation of duties (SoD) principles and risk management.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• SAP GRC certification is a plus.

Preferred Skills:

• Experience with SAP S/4HANA.
• Familiarity with other compliance frameworks (e.g., GDPR, HIPAA).
• Experience with SAP security tools and technologies.
• Understanding of CMMC levels and requirements.