Beschreibung
Security Lead
Description
The Security Lead has ownership of the project deliverables in the SAP application security & GRC workstream. The Security Lead will be driving interactions with the Business, Project Management, and across the Release 3 workstreams. The Security Lead will be responsible for driving activities within their own workstream, assign and schedule resources, and monitor deliverable progress.
Skills
The Security Lead must have:
- The ability to guide and direct Security team members
- The ability to work both in a management capacity, and in a detailed, hands-on capacity.
- Be experienced in identifying and articulating issues/obstacles regarding application security issues
- Strategizes holistic level and detailed level to solve complex business and technology issues ensuring that the IT and business teams are aligned
- Working knowledge of SAP business processes
- Knowledge of SAP authorization concepts including BW and HR security
- Knowledge of SAP GRC Access Controls - preferably 10.0 and above
- Knowledge about SAP controls, segregation of duties, and applicable external regulations (eg, Sarbanes - Oxley, Privacy)
- Experience with SAP security implementations
- Interpersonal skills:
- Self-motivated with the ability to work independently as well as with a team
- Identify and effectively communicate issues should be escalated and to where
- Liaison with other teams and business, representing the views and reputation of IT security and the R3 program
- Exert influence through all levels of the program and stakeholder management
- Negotiate resolutions which are satisfactory to all stakeholders
- Effectively collaborate with multiple teams formally and informally
- Provide clear and precise direction and responding in a timely manner
- Facilitation skills seeking alignment and consensus through a clear process.
- Effectively lead and take ownership when necessary where any ambiguity exists
- Communication:
- Proven written communications to present approach, views, issues, and solutions
- Deliver formal and informal presentations to stakeholders across the organization
- Proactive participation across workstreams, PMO, and R3 program level
- Facilitating continuously across the Legacy streams to develop a team unity and common direction
- Clearly and simply communicate complex situations to key stakeholders in business terms
- Effectively communicate by portraying a calm and organized manner inspiring confidence
Key Responsibilities
- Lead the overall SAP security & GRC activities on the project
- Lead discussions and workshops with the Business Leads and Stakeholders in gathering security requirements, defining the roles, identifying gaps in the global template, and defining ownership
- Lead the effort in defining data protection requirements within SAP
- Lead the effort in defining approaches and deliverables for all phases of the project including build, test, and deployment
- Ensures appropriate controls are implemented with SAP security and coordinates alignment with Internal Audit and IT Compliance
- Lead the effort to identify requirements for GRC including and SOD rules
- Assist in role mapping activities with Change Management workstream as it relates to defining access for deployment
- Manage and communicate progress, issues, and status with PMO
- Identify critical path and dependencies/deadlines for security workstream
- Identify and manage complex inter-project dependencies
- Coordinate the work effort of the various leads that are delivering projects within the program to deliver on time, to budget, with project interdependencies identified and actively managed so that the overall impact is minimized to the business.
- Communicate awareness information on SAP security policies, standard, procedures and guidelines
- Manage on-shore and off-shore resources for the security configuration and troubleshooting
- Lead the effort in defining post go live support model for security that aligns with existing processes and standards