Magic Leap’s Technology Solutions and Services (TSS) team is seeking a hands on SAP S/4 Governance, Risk & Compliance (GRC) Lead to provide strategic and tactical leadership for the design, build, implementation and maintenance of our SAP GRC platform.
- Work with the Business users to design, develop and maintains Magic Leap’s SAP user management and security architecture, including hands-on design and build across a complex SAP architecture, including but not limited to S/4 HANA, GRC, Fiori, Hybris Commerce, Hybris Billing and other SAP related cloud applications (SuccessFactors, Ariba, Concur, etc).
- Develop and implement SAP security policies, processes, architecture, training, and communications. This function includes identifying and implementing security solutions and proactively remediating vulnerabilities with existing solutions.
- Proactively analyze & understand the risks associated with application security exposures, provide solutions to eliminate/reduce exposure.
- Monitor to ensure compliance with Magic Leap IT security standards and the SAP IT security framework.
- Ensure adherence to government and corporate security guidelines including SOD, SOX, and other privacy related standards such as GDPR.
- Responsible for working with the Enterprise Architects, solution architects and business process owners to translate business requirements into SAP security design.
- Assist in periodic control activities such as regular review of user access, critical role review, and annual IT control testing support.
- Administration of SAP GRC configuration, rule sets, workflows and approvers for user provisioning, emergency access and access recertification.
- Develop and deliver documentation and training as needed to ensure proper system usage and understanding.
- Design and deploy security reporting based on business requirements.
- Performs Segregation of Duties analysis and manages the mitigation process; monitor production environments for security violations.
- Perform system measurement for SAP licensing purposes and monthly metrics.
- Oversee the compliance and audit requests including monthly internal reviews, quarterly IT self-testing, semi-annual internal audits and annual external audits.
- Lead and oversee a team of Operations Support members to accomplish Security Support tasks.
- Must have 12+ years of overall IT experience, with 8+ years of SAP Security and GRC experience
- Strong understanding of information security management principles, SAP application security implementation methodologies, and SAP user and role management tools
- In-Depth understanding and implementation knowledge of SAP GRC Access Control and Process Control
- Solid experience with SAP security across various applications including but not limited to S/4 HANA, Fiori, Hybris Commerce, Hybris Billing and other SAP cloud systems (SuccessFactors, Ariba, Concur, etc)
- In-depth understanding of SAP Security roles and authorization concept
- Solid understanding of SOX compliance laws, SOD conflict issues
- Expert level knowledge of various Audit and Security controls
- Ability to work effectively across a cross section of organization (Internal Audit, functional teams, business process leads ,etc.)
- Completion of a full lifecycle SAP GRC Access control implementation
- Must have good understanding of SAP process knowledge and SODs
- Expert knowledge of business processes across Finance, Sales, Supply Chain, Human Resources
- Information security and/or SAP GRC professional certification(s) preferred.
- Bachelor’s degree from four-year college or university with a minimum of 10 years of related post-graduate work experience.
- All your information will be kept confidential according to Equal Employment Opportunities guidelines.