Information Security Expert overseeing ISMS development and IT security compliance in Germany. Collaborates with management and leads regulatory requirements implementation.
About the role
- SAP Security Consultant assessing SAP security risks and implementing governance solutions. Collaborating with clients and cross-functional teams for optimal project delivery.
Responsibilities
- Lead SAP Security and GRC assessment, design, and implementation projects for clients across industries.
- Conduct client workshops and requirements gathering sessions to understand business and security needs.
- Design and configure SAP security roles, authorizations, and GRC Access Control components (Access Risk Analysis, Emergency Access Management, Access Request Management).
- Develop and enforce Segregation of Duties (SoD) policies to mitigate risks and ensure compliance.
- Deliver SAP Security and GRC gap analysis, risk assessments, and remediation plans.
- Support clients during audits by preparing documentation, reports, and facilitating access reviews.
- Provide strategic advice on SAP security best practices, compliance frameworks (SOX, GDPR, HIPAA, etc.), and process improvements.
- Collaborate with cross-functional teams including Basis, functional consultants, and IT auditors to implement secure SAP landscapes.
- Conduct end-user training sessions and knowledge transfer workshops.
- Stay abreast of SAP security trends, new releases, and regulatory changes to provide proactive consulting.
Requirements
- 5-8 years of consulting experience is necessary.
- 3+ years of SAP Security and GRC consulting experience with multiple end-to-end implementations.
- Hands-on expertise with SAP ECC and/or S/4HANA Security.
- Strong experience configuring SAP GRC Access Control modules (Access Risk Analysis, Emergency Access Management, Access Request Management).
- Excellent client-facing and communication skills with the ability to explain technical concepts to non-technical stakeholders.
- Proven track record of managing multiple client engagements and delivering quality results on time.
- Functional / Content Skills
- Strong knowledge of Sarbanes-Oxley (SOX) , Business Process controls, IT General Controls and IT governance.
- Deep understanding and practical experience Analysis and Design/Re-Design of Business process and IT General controls in SAP and Non-SAP landscape.
- Strong analytical skills and a deep understanding of the overall context of underlying business processes and technologies.
- Understanding the purpose, procedures and ways of work of internal/external audits.
- Ability to support audits and to provide the right information & data, and to mitigate and/or solve identified deficiencies and gaps.
- Technical Skills (Data, Technology, Implementation)
- Ability to retrieve and analyze and report/present data from various sources.
- Understanding of data structures, sources, flow and integration across infrastructure platforms, functional domains, and application landscapes/service.
- Up-to-date understanding of Concepts & Integration of Cloud Services, and multi-cloud environments
- Tool Skill Requirements
- A variety of ERP systems (SAP & Non-SAP), Operating systems, Databases and financial applications
- Identity and Access Management solutions and monitoring solutions such as Splunk, Qualys, Tripwire, but also in Authorization & SoD
- Analytics & reporting in area of ITGC/GRC
- IT Service Management Tools, Market Leader (SNOW, BMC, JIRA, ..)
- Experience with SAP Identity Management (IdM).
- Knowledge of cloud-based SAP security and hybrid environments.
- Experience working in Agile/Scrum environments.
- Experience in global delivery and working with offshore resources.
- Project-related mobility/willingness to travel
- Qualifications and certifications
- Bachelor’s degree in Computer Science, Information Technology, or related field.
- More than 7 years of experience in Financial / IT compliance, risk management, IT audit and/or IT controls; strong experience in an audit firm (e.g. Big Four).
- SAP Security or GRC certifications are a plus (e.g., SAP Certified Technology Associate – SAP Access Control).
- *Given that this is just a short snapshot of the role we encourage you to apply even if you don't meet all the requirements listed above. We are looking for team members who strive to make an impact and are eager to learn. If this sounds like you and you feel you have the skills and experience required, then please ****apply now. ***
Benefits
- **About Infosys Consulting **
- Be part of a globally renowned management consulting firm on the front-line of industry disruption and at the cutting edge of technology. We work with market leading brands across sectors. Our culture is inclusive and entrepreneurial. Being a mid-size consultancy within the scale of Infosys gives us the global reach to partner with our clients throughout their transformation journey.
- Our core values, IC-LIFE, form a common code that helps us move forward. IC-LIFE stands for Inclusion, **Equity **and Diversity, Client, Leadership, Integrity, Fairness, and Excellence. To learn more about Infosys Consulting and our values, please visit our careers page.
- Within Europe, we are recognized as one of the UK’s top firms by the Financial Times and Forbes due to our client innovations, our cultural diversity and dedicated training and career paths. Infosys is on the Germany’s top employers list for 2023. Management Consulting Magazine named us on their list of Best Firms to Work for. Furthermore, Infosys has been recognized by the Top Employers Institute, a global certification company, for its exceptional standards in employee conditions across Europe for five years in a row.
- We offer industry-leading compensation and benefits, along with top training and development opportunities so that you can grow your career and achieve your personal goals. Curious to learn more? We’d love to hear from you.... **Apply today!**
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
IT Professional responsible for implementing innovative industrial IT solutions. Working in an agile environment while ensuring IT and OT security for production networks.
Security Compliance Specialist enhancing cybersecurity and compliance framework at Trezor. Collaborating across teams to shape security and compliance operations in the tech sector.
Cyber Security Specialist focusing on IT security measures and infrastructure protection for a motivated team. Engaging in both project work and internal security processes.
IT & Cybersecurity Intern assisting with help desk support and IT system maintenance at OBDeleven. Collaborating with teams and improving IT documentation in a fun workplace culture.
Werkstudent supporting information security management and business continuity projects for Syneco's energy operations. Engaging in the development and upkeep of management systems and reporting tools.
Security Consultant providing IT - Security Consulting by leveraging knowledge and skills to assist clients. Involved in diverse projects from analysis to execution and results presentation.
Lead functional safety for product development in PEM electrolyzers at Quest One. Collaborate with teams and support certification processes in the field of green hydrogen technology.
Consultant specializing in Cyber & Product Security for clients in a hybrid role. Focused on implementing security strategies and conducting assessments with a collaborative approach.
(Senior) Consultant in Automotive - & Product Security at Wavestone, focusing on cyber security solutions for clients in innovative projects. Collaborative work in a vibrant team environment across multiple German cities.