HCLTech
Polyguard
← All roles

SAP & Enterprise Apps

SAP Security and GRC Senior Product Specialist

Chicago, United States

Verified applicants only — secured by Polyguard

Job Summary

Key Responsibilities:

  1. Security Architecture Design:
    1. Design and develop the overall security architecture for SAP systems, considering best practices and industry standards.
    2. Define and implement security policies, guidelines, and procedures to protect SAP applications, databases, and infrastructure.
    3. Collaborate with solution architects to integrate security requirements into the design of new SAP solutions and projects.
    4. Define custom code security, application security hardening and tools required for DevSecOps.
  2. Identity and Access Management:
    1. Implement and manage user authentication, authorization, and access controls for SAP systems.
    2. Design and maintain role-based access controls (RBAC) and segregation of duties (SoD) policies.
    3. Oversee user provisioning, de-provisioning, and role assignment processes.
  3. Security Monitoring and Incident Response:
    1. Establish and maintain SAP security monitoring and logging mechanisms.
    2. Monitor for security incidents, vulnerabilities, and breaches in SAP systems.
    3. Develop and execute incident response plans, ensuring timely resolution of security issues.
  4. Compliance and Governance:
    1. Ensure SAP systems adhere to relevant industry regulations (e.g., GDPR, SOX) and internal security standards.
    2. Conduct regular security assessments and audits to identify and address potential risks.
    3. Collaborate with internal and external auditors to provide necessary information and reports.
  5. Security Training and Awareness:
    1. Provide training and awareness programs to educate SAP users on security best practices.
    2. Foster a culture of security awareness and compliance throughout the organization.
  6. Collaboration and Communication:
    1. Work closely with cross-functional teams to align security objectives with business goals.

Communicate complex security concepts to technical and non-technical stakeholders.

Key Responsibilities

1. Implement and manage sap security grc solutions to ensure alignment with business requirements and compliance standards.
2. Develop and maintain access controls, user roles, and authorization management within sap systems.
3. Monitor and analyze sap security logs, assess risks, and implement corrective actions to mitigate potential threats.
4. Collaborate with cross functional teams to integrate security measures into sap solutions and enhance overall security posture.
5. Conduct regular security assessments, audits, and remediation activities to uphold sap security best practices.
6. Provide guidance and support to internal stakeholders on sap security policies, procedures, and processes.

Skill Requirements

1. Proficiency in sap security governance, risk, and compliance (grc) administration.
2. In-depth knowledge of sap security concepts, including role design, authorization objects, and user provisioning.
3. Experience with implementing and managing sap grc access control, process control, and risk management modules.
4. Strong analytical and problem-solving skills to identify security vulnerabilities and implement effective solutions.
5. Excellent communication and interpersonal skills to collaborate with teams and communicate security requirements effectively.

Other Requirements

1.SAP Certified Technology Associate SAP Authorization and Auditing for SAP NetWeaver (if applicable)

Apply for this role

Complete the form below. When you submit, you’ll be asked to complete a quick Polyguard Trust Check on your phone, and your application is only sent once verification passes.

U.S. Equal Opportunity Employment Information (Completion is voluntary)

Individuals seeking employment at our company are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, gender identity, or sexual orientation. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity/Affirmative Action record keeping, reporting, and other legal requirements.

Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Form CC-305
OMB Control Number 1250-0005

Voluntary Self-Identification of Disability

Why are you being asked to complete this form?

Because we do business with the government, we must reach out to, hire, and provide equal opportunity to qualified people with disabilities. To help us measure how well we are doing, we are asking you to tell us if you have a disability or if you ever had a disability.

Completing this form is voluntary, but we hope that you will choose to fill it out. If you are applying for a job, any answer you give will be kept private and will not be used against you in any way.

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Disabilities include, but are not limited to:

  • Blindness
  • Deafness
  • Autism
  • Cancer
  • Diabetes
  • Epilepsy
  • HIV/AIDS
  • Schizophrenia
  • Muscular dystrophy
  • Cerebral palsy
  • Multiple sclerosis (MS)
  • Major depression
  • Bipolar disorder
  • Post-traumatic stress disorder (PTSD)
  • Obsessive compulsive disorder
  • Intellectual disability (previously called mental retardation)
  • Missing limbs or partially missing limbs
  • Impairments requiring the use of a wheelchair

Section 503 of the Rehabilitation Act of 1973, as amended. For more information about this form or the equal employment obligations of Federal contractors, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

Protected by Polyguard.