This job might no longer be available.

SAP S/4 Governance, Risk & Compliance Lead

Job Description:

Magic Leap’s Technology Solutions and Services (TSS) team is seeking a hands on SAP S/4 Governance, Risk & Compliance (GRC) Lead to provide strategic and tactical leadership for the design, build, implementation and maintenance of our SAP GRC platform.

Responsibilities:

• Work with the Business users to design, develop and maintains Magic Leap’s SAP user management and security architecture, including hands-on design and build across a complex SAP architecture, including but not limited to S/4 HANA, GRC, Fiori, Hybris Commerce, Hybris Billing and other SAP related cloud applications (SuccessFactors, Ariba, Concur, etc).
• Develop and implement SAP security policies, processes, architecture, training, and communications. This function includes identifying and implementing security solutions and proactively remediating vulnerabilities with existing solutions.
• Proactively analyze & understand the risks associated with application security exposures, provide solutions to eliminate/reduce exposure.
• Monitor to ensure compliance with Magic Leap IT security standards and the SAP IT security framework.
• Ensure adherence to government and corporate security guidelines including SOD, SOX, and other privacy related standards such as GDPR.
• Responsible for working with the Enterprise Architects, solution architects and business process owners to translate business requirements into SAP security design.
• Assist in periodic control activities such as regular review of user access, critical role review, and annual IT control testing support.
• Administration of SAP GRC configuration, rule sets, workflows and approvers for user provisioning, emergency access and access recertification.
• Develop and deliver documentation and training as needed to ensure proper system usage and understanding.
• Design and deploy security reporting based on business requirements.
• Performs Segregation of Duties analysis and manages the mitigation process; monitor production environments for security violations.
• Perform system measurement for SAP licensing purposes and monthly metrics.
• Oversee the compliance and audit requests including monthly internal reviews, quarterly IT self-testing, semi-annual internal audits and annual external audits.
• Lead and oversee a team of Operations Support members to accomplish Security Support tasks.

Qualifications:

• Must have 12+ years of overall IT experience, with 8+ years of SAP Security and GRC experience
• Strong understanding of information security management principles, SAP application security implementation methodologies, and SAP user and role management tools
• In-Depth understanding and implementation knowledge of SAP GRC Access Control and Process Control
• Solid experience with SAP security across various applications including but not limited to S/4 HANA, Fiori, Hybris Commerce, Hybris Billing and other SAP cloud systems (SuccessFactors, Ariba, Concur, etc)
• In-depth understanding of SAP Security roles and authorization concept
• Solid understanding of SOX compliance laws, SOD conflict issues
• Expert level knowledge of various Audit and Security controls
• Ability to work effectively across a cross section of organization (Internal Audit, functional teams, business process leads ,etc.)
• Completion of a full lifecycle SAP GRC Access control implementation
• Must have good understanding of SAP process knowledge and SODs
• Expert knowledge of business processes across Finance, Sales, Supply Chain, Human Resources
• Information security and/or SAP GRC professional certification(s) preferred.

• Bachelor’s degree from four-year college or university with a minimum of 10 years of related post-graduate work experience.

Additional Information