IT Security Analyst for Bundesdruckerei GmbH monitoring security events in diverse infrastructures. Collaborating within the Blue Team and responding to security incidents.
About the role
- Senior SAP Security Analyst designing and managing security controls in SAP environments for Boeing. Collaborating across teams to enhance security posture and compliance in aerospace operations.
Responsibilities
- Lead design, implementation, and operation of SAP security controls across SAP Enterprise Resource Planning Central Component (ECC) and S/4HANA environments, including role design, role mining, and role optimization
- Provide expert guidance on RBAC and ABAC configuration for S/4HANA, Master Data Governance (MDG), SAP Global Trade Services (GTS), Business Warehouse (BW), HANA Database environments, and custom ABAP developments, review transportation and change controls for security impact
- Ensure SAP RBAC and ABAC support export control data handling International Trade Arms and Regulations (ITAR), U.S. Export Administration Regulations (EAR), United Kingdom Ministry of Defense regulations (UK MOD) and program-specific access restrictions
- Assist with attestation and evidence collection for internal audit, external auditors, Global Trade Compliance (GTC) reviews, and Sarbanes-Oxley Act (SOX) compliance reviews
- Understand legal privacy requirements managing Personally Identifiable Information (PII) and General Data Protection Regulation (GDPR) requirements and how to apply appropriate security controls
- Understand enterprise policies and processes and apply to SAP application RBAC and ABAC controls
- Enforce, and continuously improve Segregation of Duties (SoD) rules and remediate violations in partnership with business process owners
- Implement and manage privileged access controls, including privileged account discovery, monitoring, and logging
- Drive security risk assessments, perform access reviews and attestations, and report compliance status to internal audit and external regulators
- Stay current with SAP security best practices and help deploy roadmap items such as S/4HANA security hardening, Fiori security, and cloud or Software as a Service (SaaS) integration
- Mentor, coach, and identify development opportunities for a team of SAP security analysts
- Support incident response, investigate potential access breaches, and lead post-incident reviews
- Document processes, update runbooks, standardize security implementation methodology and develop implementation playbook, and develop quick reference guides for user self-service
Requirements
- 5 + years of experience with SAP Security and/or SAP GRC
- 5+ years of experience in Role Based Access Control (RBAC) leveraging Panorama
- 5+ years of experience with SAP S/4HANA, and ERP operational processes
- 5+ years of Fiori experience
- 5+ years of experience in SOX, SOX audits, process improvements, and policy creation
- 5+ years of experience with cross-functional teams, involving key stakeholder relationship management
- Bachelor's degree or equivalent work or military experience (preferred)
- Active government clearance (e.g., Secret, Top Secret) (preferred)
- Certifications such as SAP Certified Technology Associate/Professional in security topics, Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Identity and access management (IAM) related (preferred)
Benefits
- Health insurance
- Flexible spending accounts
- Health savings accounts
- Retirement savings plans
- Life insurance
- Disability insurance
- Paid time off
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cyber Security Analyst within the Cyber Security Governance, Risk and Compliance team. Supporting effective management and oversight of cyber risk at Heathrow Airport.
Cyber Security Analyst focusing on security telemetry and metrics for Heathrow operations. Enhancing organizational cyber resilience through actionable intelligence and reporting.
Security Analyst monitoring systems and providing expertise for cybersecurity solutions at GoSecure. Engage in proactive analysis, incident response, and system oversight.
Security Analyst focusing on brand protection against online fraud and phishing attacks. Investigating threats, pursuing takedowns, and supporting sales evaluations in a hybrid work environment.
Jr. Vulnerability Management Analyst at OneDigital managing security vulnerabilities across infrastructure. Collaborating with IT teams to ensure timely remediation and effective reporting.
Offensive Security Analyst specializing in Red Team operations for AI/ML systems at Vanguard. Collaboration with data scientists and security teams to protect AI infrastructure.
IT Cybersecurity Analyst supporting vulnerability management and incident response for WEC Energy Group's cybersecurity infrastructure. Collaborating with teams to enhance security posture and mitigate risks.
IAM Security Engineer managing identity and access governance at WEC Energy Group. Collaborating on IAM solutions and troubleshooting access management issues.
Senior CyberSecurity Analyst focusing on identifying and responding to email borne threats at Proofpoint. Collaborating with a global team to develop detection signatures against phishing, malware, and spam attacks.