Sr Information Security Analyst ERP System (JD EDWARDS AND SAP) - Aloden LLC
Irving, TX 75015
About the Job
Title- Sr Information Security Analyst ERP System (JD EDWARDS AND SAP)
Location- Irving, TX (REMOTE IS FINE)
Areas of Responsibilities include:
Act as a subject matter expert for security and compliance on JD Edwards E1 and SAP systems (ECC, S4, GRC, Access Control, Process Control, ETD and others)
Identifying gaps and improvements in the current security implementation
Expansion of security capabilities to take full advantage of the JDE and SAP security tools available
Updates and implementation of Master Data such as Roles/Entitlements, Role Owners, SOD rules changes, Security Configuration, threat patterns etc.
Provide subject matter expertise and oversight as needed for projects requiring security access and compliance support
Provide training to other security team members on security services activities and domain knowledge, so that service delivery and support can be shared
Support the ongoing security service for JDE and SAP and JDE Security through:
Meeting all defined service levels and defined performance objectives
Expand automated processes and workflows to deliver on business projects
Security Strategy Development and Management
Role design and implementation
Access provisioning and de-provisioning of users
Identity life cycle and user maintenance
Serve as a leader for implementing security architecture
Possess and able to convey a strategic vision and end state design for interrelated business and security processes (i.e., Access administration and Security controls, threats and vulnerabilities)
Coordinate all security designs with various Business Units and Cybersecurity teams
Analyze and implement security requirements
Recommends and develops security measures to protect information against unauthorized modification or loss
Works closely with both technical and functional teams to ensure the success of the overall security solution
Serve as Security subject matter expert and provide advisory and consulting services as needed
Strong ability to collaborate with application teams, administration teams, and business partners to design and implement technical security solutions on JDE, SAP, and associated bolt-on applications
Experience with integration of SAP and JD Edwards security administration with Identity Management platforms is a plus
Support of SOX Compliance through:
Adherence to, and delivery of SOX controls and procedures
Support of compliance initiatives, and audits both internal and external
Support of recurring security assessments and access reviews
Support the ongoing improvement of Security & Compliance area:
Providing ideas for improvement initiatives
Self-managing through improvement projects and providing clear measurable results
Minimum Requirements
7+ years relevant security administration experience
Critical Skills
At least 2 full implementations of security on SAP and JD Edwards systems
Experience with different scripting / programming languages to expand automation and capabilities
Expertise in:
OWM security and menu
JDE E1 security design and user maintenance
At least 3 years experience in SAP GRC Access Control & Process Control
At least 3 years experience with SAP ETD administration and maintenance; implementation of Threat Patterns including design, alerts, fraud detection and user Behavioral analysis, and response planning
Cloud applications and Bus. Objects
Emergency Access and Firefighter management
SOD Risk Management & Configuration
Proficient in IT general controls, SOC and SOX requirements as they relate to security administration
Proficient in ERP security principles, technologies and solutions, delivering functionality and
services on time, on budget and to meet business needs
Audit testing & evidence collection
HANA DB Security
SAP NextGen S4 Hana
Progressively responsible experience in designing, implementing, and maintaining application Security
Deep knowledge of application security, capabilities, and limitations
Proficient in reducing the attack surface and hardening ERP system security
Proficient in ERP security principles, technologies, and solutions, delivering functionality or services on time, on budget and to meet business needs
Technical knowledge of security architecture and role-based authorization models
Proven success on multiple, enterprise-scale implementation projects or services
Additional Knowledge & Skills
Strong, proven problem-solving skills and ability to identify, analyze, and resolve problems, driving solutions to completion
Proficient in analyzing requirements, resource estimation, and allocation
Excellent in team leadership and team-based problem-solving skills
Excellent interpersonal and oral, written communication skills
Ability to translate complex technical information across all levels of the organization
Ability to self-manage on tasks and mini-projects or improvement efforts
Strong facilitation skills and a clear ability to build strong relationships with business partners at all levels
Demonstrated ability to translate business drivers and priorities into security design, policies, and procedures
Results driven, and able to collaborate with management and colleagues to share the responsibilities for achieving an end-to-end solution for customers
Strong attention to detail which ensures that customer requirements are met and that a high quality standard is achieved
Provide technical perspectives to other architecture functions to ensure that solutions effectively leverage infrastructure capabilities and services and integrate with them
Must have excellent initiative, organization, and customer service skill
Location- Irving, TX (REMOTE IS FINE)
Areas of Responsibilities include:
Act as a subject matter expert for security and compliance on JD Edwards E1 and SAP systems (ECC, S4, GRC, Access Control, Process Control, ETD and others)
Identifying gaps and improvements in the current security implementation
Expansion of security capabilities to take full advantage of the JDE and SAP security tools available
Updates and implementation of Master Data such as Roles/Entitlements, Role Owners, SOD rules changes, Security Configuration, threat patterns etc.
Provide subject matter expertise and oversight as needed for projects requiring security access and compliance support
Provide training to other security team members on security services activities and domain knowledge, so that service delivery and support can be shared
Support the ongoing security service for JDE and SAP and JDE Security through:
Meeting all defined service levels and defined performance objectives
Expand automated processes and workflows to deliver on business projects
Security Strategy Development and Management
Role design and implementation
Access provisioning and de-provisioning of users
Identity life cycle and user maintenance
Serve as a leader for implementing security architecture
Possess and able to convey a strategic vision and end state design for interrelated business and security processes (i.e., Access administration and Security controls, threats and vulnerabilities)
Coordinate all security designs with various Business Units and Cybersecurity teams
Analyze and implement security requirements
Recommends and develops security measures to protect information against unauthorized modification or loss
Works closely with both technical and functional teams to ensure the success of the overall security solution
Serve as Security subject matter expert and provide advisory and consulting services as needed
Strong ability to collaborate with application teams, administration teams, and business partners to design and implement technical security solutions on JDE, SAP, and associated bolt-on applications
Experience with integration of SAP and JD Edwards security administration with Identity Management platforms is a plus
Support of SOX Compliance through:
Adherence to, and delivery of SOX controls and procedures
Support of compliance initiatives, and audits both internal and external
Support of recurring security assessments and access reviews
Support the ongoing improvement of Security & Compliance area:
Providing ideas for improvement initiatives
Self-managing through improvement projects and providing clear measurable results
Minimum Requirements
7+ years relevant security administration experience
Critical Skills
At least 2 full implementations of security on SAP and JD Edwards systems
Experience with different scripting / programming languages to expand automation and capabilities
Expertise in:
OWM security and menu
JDE E1 security design and user maintenance
At least 3 years experience in SAP GRC Access Control & Process Control
At least 3 years experience with SAP ETD administration and maintenance; implementation of Threat Patterns including design, alerts, fraud detection and user Behavioral analysis, and response planning
Cloud applications and Bus. Objects
Emergency Access and Firefighter management
SOD Risk Management & Configuration
Proficient in IT general controls, SOC and SOX requirements as they relate to security administration
Proficient in ERP security principles, technologies and solutions, delivering functionality and
services on time, on budget and to meet business needs
Audit testing & evidence collection
HANA DB Security
SAP NextGen S4 Hana
Progressively responsible experience in designing, implementing, and maintaining application Security
Deep knowledge of application security, capabilities, and limitations
Proficient in reducing the attack surface and hardening ERP system security
Proficient in ERP security principles, technologies, and solutions, delivering functionality or services on time, on budget and to meet business needs
Technical knowledge of security architecture and role-based authorization models
Proven success on multiple, enterprise-scale implementation projects or services
Additional Knowledge & Skills
Strong, proven problem-solving skills and ability to identify, analyze, and resolve problems, driving solutions to completion
Proficient in analyzing requirements, resource estimation, and allocation
Excellent in team leadership and team-based problem-solving skills
Excellent interpersonal and oral, written communication skills
Ability to translate complex technical information across all levels of the organization
Ability to self-manage on tasks and mini-projects or improvement efforts
Strong facilitation skills and a clear ability to build strong relationships with business partners at all levels
Demonstrated ability to translate business drivers and priorities into security design, policies, and procedures
Results driven, and able to collaborate with management and colleagues to share the responsibilities for achieving an end-to-end solution for customers
Strong attention to detail which ensures that customer requirements are met and that a high quality standard is achieved
Provide technical perspectives to other architecture functions to ensure that solutions effectively leverage infrastructure capabilities and services and integrate with them
Must have excellent initiative, organization, and customer service skill
Source : Aloden LLC