Posted on
The SAP Security GRC Specialist (S3) ensures all functional, technical, and administrative roles within the application are established, monitored, and auditable. The S3 is the primary configuration analyst of the Government Risk and Compliance (GRC) module. The GRC module enables SAP to be accredited for use on a government / military network. The S3 works closely with Cybersecurity (both contractor and government) to ensure the application's role based authorities (i.e. checks and balances) are documented, managed, and auditable. The S3 is key in ensuring SAP Roles are configured in a manner that supports separation of duties which consequently ensures the "need to know" paradigm is enforced.
• Build, review, testing, troubleshooting, and documentation of current or new MSMP workflows
• Build, review, testing, troubleshooting, and documentation of Cross System configuration and custom risk analysis objects
• Updates to BRF+ tables
• Testing, troubleshooting, and documentation support for project go-lives.
• Onboarding of additional SAP systems into the GRC toolset.
• Build, review, testing, troubleshooting, and documentation of current or new MSMP workflows
• Build, review, testing, troubleshooting, and documentation of Cross System configuration and custom risk analysis objects
• Updates to BRF+ tables
• Testing, troubleshooting, and documentation support for project go-lives.
• Onboarding of additional SAP systems into the GRC toolset.