Senior SAP Role Governance Engineer
Warsaw, POLAND IT development
Job description
SAP Role Design
·
When introducing any new domain functionalities (e.g. new transaction/report): Translate business requests to functional and technical design specification for end-user security roles and needed authorization checks. This applies to legacy SAP system, as well as introduction of new UX (Fiori) and S/4HANA systems.
·
When introducing any new business objects (e.g. new legal entity or plant code): Technical assistance and guidance to the Security BPX and service provider (e.g. EY SDS service, LTI) on new role creation and existing roles maintenance.
·
Interpret and adopt SAP role design company standards set by SAP Role architect(s)
·
(Where applies) Participate/drive cleanup work of current SAP roles including design/implementation efforts of new roles design for current SAP roles
·
Bring up critical decisions to role design council and actively participate in others domain's requests in role design council
SAP Role Implementation
·
Govern work of Security Design Specialist (SDS) vendor experts that make updates to SAP roles.
·
(Where applies) Personally implementing role additions/changes in development system(s)
·
Work with business operations and project teams to troubleshoot any SAP security issues
SAP Role Governance
·
Manage all domain SAP roles lifecycle (e.g. keep inventory, regularly review what are unused roles, delete them)
·
Identify Risks and compliance issues by running segregation of duties checks, critical ability checks
·
Identify the risks in business process, provide remediation & mitigations solutions for audit compliance
·
Ensure security is properly implemented in all application changes, through domain change advisory boards
·
Drive elimination/replacement of non-optimal / non-standard solutions (such as SE16 -> replace with SAP CDS)
Audits support
·
Support internal and external audits to ensure process compliance
·
Own all audit and compliance issues in domain and drive to closure.
Continuous Improvement
·
Proactively look for security features / enhancements coming in SAP releases and adopt those in own domain
·
Actively participate in P&G SAP security communities of practice to shape and improve the work
·
Keep up with new SAP functionality and best practices, ensuring that security stays current in P&G.
·
Continuous productivity improvements (automation, analytics) of all SAP application security work processes
·
Provide trainings on SAP application and role security to all application managers in own domain to ensure proper security not an afterthought and is embedded at all stages of a project / solution lifecycle
Job Qualifications
·
Passion for SAP technologies and solutions
·
Passion for governance and security especially for SAP
·
Demonstrated experience in SAP Application role security design and remediation (ideally 2-3 years)
·
Proficiency in SAP authorization concepts and knowledge of SAP's implementation of these concepts
·
Optional: Knowledge of new SAP capabilities and platforms like Fiori, SAP Cloud Platform and BW
·
Ideally ITIL certification
Kindly be advised that at P&G, employment is exclusively extended on the basis of an "Umowa o Pracę" (Full-time Employment Contract). Apply only if you agree to these conditions.
Job Schedule
Full time
Job Number
R000097668
Job Segmentation
Experienced Professionals (Job Segmentation)