Job title : Sr.Information Security Analyst ERP System
Location Irving TX (REMOTE IS FINE)
Job Type : Contract
Job Description :
This position is for a Senior Information Security Analyst supporting JD Edwards and SAP Security & Compliance. Primary responsibility is to provide security administration security design and security improvement initiatives.
Areas of Responsibilities include:
Act as a subject matter expert for security and compliance on JD Edwards E1 and SAP systems (ECC S4 GRC Access Control Process Control ETD and others) Identifying gaps and improvements in the current security implementation Expansion of security capabilities to take full advantage of the JDE and SAP security tools available Updates and implementation of Master Data such as Roles/Entitlements Role Owners SOD rules changes Security Configuration threat patterns etc. Provide subject matter expertise and oversight as needed for projects requiring security access and compliance support Provide training to other security team members on security services activities and domain knowledge so that service delivery and support can be shared Support the ongoing security service for JDE and SAP and JDE Security through:
- Meeting all defined service levels and defined performance objectives
- Expand automated processes and workflows to deliver on business projects
- Security Strategy Development and Management
- Role design and implementation
- Access provisioning and deprovisioning of users
- Identity life cycle and user maintenance
- Serve as a leader for implementing security architecture
- Possess and able to convey a strategic vision and end state design for interrelated business and security processes (i.e. Access administration and Security controls threats and vulnerabilities)
- Coordinate all security designs with various Business Units and Cybersecurity teams
- Analyze and implement security requirements
- Recommends and develops security measures to protect information against unauthorized modification or loss
- Works closely with both technical and functional teams to ensure the success of the overall security solution
- Serve as Security subject matter expert and provide advisory and consulting services as needed
- Strong ability to collaborate with application teams administration teams and business partners to design and implement technical security solutions on JDE SAP and associated bolton applications
- Experience with integration of SAP and JD Edwards security administration with Identity Management platforms is a plus
- Support of SOX Compliance through:
- Adherence to and delivery of SOX controls and procedures
- Support of compliance initiatives and audits both internal and external
- Support of recurring security assessments and access reviews
- Support the ongoing improvement of Security & Compliance area:
- Providing ideas for improvement initiatives
- Selfmanaging through improvement projects and providing clear measurable results
Minimum Requirements
7 years relevant security administration experience Critical Skills At least 2 full implementations of security on SAP and JD Edwards systems Experience with different scripting / programming languages to expand automation and capabilities Expertise in: OWM security and menu JDE E1 security design and user maintenance At least 3 years experience in SAP GRC Access Control & Process Control At least 3 years experience with SAP ETD administration and maintenance; implementation of Threat Patterns including design alerts fraud detection and user Behavioral analysis and response planning Cloud applications and Bus. Objects Emergency Access and Firefighter management SOD Risk Management & Configuration Proficient in IT general controls SOC and SOX requirements as they relate to security administration Proficient in ERP security principles technologies and solutions delivering functionality and
services on time on budget and to meet business needs Audit testing & evidence collection HANA DB Security SAP NextGen S4 Hana Progressively responsible experience in designing implementing and maintaining application Security Deep knowledge of application security capabilities and limitations Proficient in reducing the attack surface and hardening ERP system security Proficient in ERP security principles technologies and solutions delivering functionality or services on time on budget and to meet business needs Technical knowledge of security architecture and rolebased authorization models Proven success on multiple enterprisescale implementation projects or services Additional Knowledge & Skills
- Strong proven problemsolving skills and ability to identify analyze and resolve problems driving solutions to completion
- Proficient in analyzing requirements resource estimation and allocation
- Excellent in team leadership and teambased problemsolving skills
- Excellent interpersonal and oral written communication skills
- Ability to translate complex technical information across all levels of the organization
- Ability to selfmanage on tasks and miniprojects or improvement efforts
- Strong facilitation skills and a clear ability to build strong relationships with business partners at all levels
- Demonstrated ability to translate business drivers and priorities into security design policies and procedures
- Results driven and able to collaborate with management and colleagues to share the responsibilities for achieving an endtoend solution for customers
- Strong attention to detail which ensures that customer requirements are met and that a high quality standard is achieved
- Provide technical perspectives to other architecture functions to ensure that solutions effectively leverage infrastructure capabilities and services and integrate with them
- Must have excellent initiative organization and customer service skill