1. Home
  2. BAS Access – Junior GRC and Enterprise Role Management Specialist
Expires soon
Bp

BAS Access – Junior GRC and Enterprise Role Management Specialist

  • Kuala Lumpur, Malaysia
  • Project / Product management
Apply Now

Job description

Segment

Corporate & Functions
Role synopsis

Business Application Services (BAS) is vested with the authority and accountability for:
·  Delivering end to end support and development services for all BP IT applications and providing the right skills/knowledge to sustain and enhance those applications/solutions.
·  Standardising ways of working and driving efficiencies by bringing together common skills, technologies, and platforms to encourage reuse.
·  Retaining key BP solution IP, ensuring that Applications are designed, built, implemented and sustained to meet current and future business needs.
·  Building and managing Technical Environments underpinning the applications/solutions including common Basis administration and DBA layers.
·  Assuring the quality of enhancement design, and providing deep-knowledge support to Vendors where appropriate.
·  Owning key application technical standards and procedures to be performed by suppliers.
·  Provisioning of all AD/AM capability to support projects and L3 support from vendors
·  Owning application risk management, disaster recovery planning, and service continuity outcomes Within the Business Application Services, the Access team is responsible for:
·  The effective management of all access problems, incidents, and events for Application Development with a focus on integrating internal and external partners so as to restore adversely impacted operations back to normal service as quickly as possible.
·  Assuring activities such as access related root cause analysis and trend analysis are performed over problems, incidents, and adverse events such that permanent fixes to problems, incidents, and negative events are found and implemented.
·  Provisioning of pool of skilled resources focusing on Business Application
·  Services Security, Access development and maintenance.
·  Monitoring and ensuring compliance to corporate security policies and regulatory guidance with regards to user access and broader information security matters.
·  Owning application and database environment security e.g. to include, internet facing and internal certificates, BAS and vendor Keon user class ownership, Firewall single point of contact, Database and Application baseline standard for applicable BAS environments.
The BAS Access Junior GRC and ERM Specialist has responsibility for:
·  Supporting Compliance (Group Control, BAS and ASR's) around SAP and Non-SAP Security Governance, Risk and Compliance (GRC). This involves applying experience to run SOD analysis over roles and users and implement SOD Mitigations.
·  Supporting the BAS GRC Owner in maintaining Access Controls for BP roles and users of BAS applications.
·  Conducting Access Risk Analysis and implementing SOD Mitigations as guided by the GRC Owner
·  Assisting the BAS GRC Owner in reviewing and monitoring of Access Violation Management rules and procedures, risk mitigation activities and the like.
·  Working in the identity governance and administration space to assist in analyzing and providing guidance on enterprise roles across the entire application landscape.
·  Developing IGA strategies along the ERM architect to simplify the automation and deployment of access across BP systems.
Req ID

78208BR
Location

Malaysia - Central - Kuala Lumpur
Is this a part time position?

No
Relocation available

No
Travel required

Yes - up to 25%
Key accountabilities

·  Works with the GRC Owner to design and build GRC process controls in line with the SMART methodology as well as other BP standard methodologies.
·  Works with the GRC Owner to implement access management policies around risk analysis and risk mitigation within the relevant process areas, and completing relevant security SMART and other BP standard design documents
·  Ensures that GRC procedures and controls are implemented in a controlled and timely manner and in line with BP Security standards.
·  Works with the GRC Owner to deliver Operational, Process and Compliance Reporting to BAS and provide L3 SAP Security support as required.
·  Works with the GRC Owner to ensure SAP Security Governance Risk and Compliance (GRC) issues are addressed
·  Analyzing Enterprise Roles across business applications, developing consistent strategies across business applications
Essential Education

·  Bachelor degree in Information Technology or other relevant degree
·  Relevant SAP Security Certifications
·  Relevant CISSP, CISM, CISA or equivalent certification
·  Extensive knowledge of SAP ERP System processes in one or more of the following areas: Finance, Order to Cash, Supply Chain Operations, Transportation/Logistics and Purchase to Pay, Business Warehouse/ Management Information
·  Proven self-motivator with ability to network effectively
·  Demonstrated ability to self-direct work and complete tasks independently
Desirable criteria and qualifications

·  Financial acumen/commercial awareness
·  Project Management experience
·  Project Delivery Methodology experience
·  ITIL3 awareness
About BP

Our business is the exploration, production, refining, trading and distribution of energy. This is what we do, and we do it on a truly global scale. BP operates with business activities and customers in more than 80 countries across six continents. Every day, we serve millions of customers around the world. We are continually looking for talented, committed and ambitious people to help us shape the face of energy for the future.

BP is one of the three largest energy companies in the world, operating in over 100 countries across 6 continents. Information Technology & Services (IT&S), provides a full range of IT services to BP's global business segments.

IT&S plays a critical role in the delivery of defined world-class operational services that BP businesses can rely upon in support of their own performance. Our specific accountabilities include the delivery of services to specified target levels, including availability, recoverability and cost to the corporation. These services must also be delivered safely and secured against the growing risk of viruses and other security threats.

We aim to benchmark our performance favorably against a defined peer group of the world's best and intend to deliver our services with professionalism to rival any major business corporation in the world - this is what we mean by being 'World Class'. To achieve this exciting level of performance will require a commensurate level of enthusiasm, commitment and expertise in our people.
Application close date

24-Mar-2017
Sub-category

Architecture & Design
Job category

Information Technology & Services
Countries (State/Region)

Malaysia

Desired profile

Essential experience and job requirements

·  SAP and Non SAP security skills and experience, with some breadth of experience with multiple SAP products including SAP Ariba, Concur, Fieldglass, GRC (AVM), Success Factor, Cloud solution, Mobility, HANA Security, IAM using IBM Identity solutions, IGA tooling and methodologies
·  Ideally has SAP implementation and Identity and Access Management experience
·  Good understanding of BP policies and industry best practices
·  Ability to work well with geographically dispersed teams
·  An awareness of BP business and Information Technology and Services (IT&S) strategies
Other Requirements (eg Travel, Location)

Minimal traveling up to 25%

Make every future a success.
  • Job directory
  • Business directory
    •