SAP GRC Lead

First Quality was founded in 1989 and has grown to be a global privately held company with over 4,000 employees. Its corporate offices are located in Great Neck, New York, with manufacturing facilities and offices in Pennsylvania, South Carolina, Georgia, and Canada. First Quality is a diversified family of companies manufacturing consumer products ranging from Absorbent Hygiene (adult incontinence, feminine care, and baby care), Tissue (bath and towel), and Industrial (print and packaging materials), serving institutional and retail markets throughout the world. First Quality focuses on private label and branded product lines.

We are seeking a SAP GRC Lead for our First Quality Enterprises working remotely.  This position will be responsible for participating in a comprehensive ERP information systems security program, with the goal of protecting information accessed, processed, stored, and transmitted in and out of First Quality. The SAP GRC Lead is primarily responsible for providing technical and policy support as well as granting access to First Quality’s ERP applications.

He/she is responsible for participating in the review and update of SAP security policies and procedures, and to ensure compliance against Enterprise Policies. He/she works closely with the Basis Support and Administration to ensure process, change management, incident management /resolution, and overall compliance.

Primary responsibilities include:

• Create and maintain user roles and authorizations based on business needs.
• Administer and maintain end user accounts, permissions and access rights.
• Create SAP transports and work within change management guidelines ensuring that all transports moved into production maintain system integrity.
• Prepare test user IDs in order to facilitate business/project user testing in non-production environments.
• Create Firefighter roles, manage and approve access to the roles. Train users on assigned Firefighter accounts. Manage Firefighter audit logs to ensure access is authorized and approved by the role owners.
• Provide production support of existing security roles and functions.
• Support large, cross functional, globally distributed, and complex projects.

• Work with functional process teams to understand the business and processes and with mitigating control owners to make sure mitigating controls are being performed.

• Interact with senior management to discuss and explain issues affecting users.
• Design and develop SAP security solutions that meet business requirements and security standards.
• Develop and maintain documentation for SAP Security processes and procedures. Oversee enforcement of policies for SAP system security.
• Develop and drive the implementation of security best practices and standards.  Ensure regulatory requirements and industry best practices are followed.
• Provide technical guidance and operational support to other teams regarding SAP security related issues and challenges.
• Perform various security audits: quarterly user recertifications; annual user role and entitlement recertifications; and annual review of GRC tool rulesets for applicability and accuracy. Support periodic customer audits, as needed.
• Participate in SAP audit discussions, questions and help resolve SOD issues.
• SME to identify potential risks to confidentiality, integrity, and availability of the SAP environment and its data.
• Coordinate and assist in the development and execution of system conversions.
• Provide on-call and weekend support when required to support acquisitions and projects.
• Support acquisition integrations with user access and SOD analyses for acquired companies, as needed.
• Assist in diverse user access and business process internal audit reviews led by the Finance team, as required.
• Some travel (approx. 15%) to company locations required, which may require overnight stays and air/ground travel.

The ideal candidate should possess the following:

• Bachelors’ Degree – Prefer Computer Information Systems Business Administration or similar
• 7+ years’ experience in SAP Security Administration, GRC 12.x, and supervisory experience.
• Ability to function in a multi-system Microsoft environment using Word, Outlook, First Quality Intranet, the Internet, and department software applications
• Strong Knowledge and Experience on Design and development of Security roles and knowledge of SU24.
• Manage SAP security for development, quality assurance, sandbox, training, and production systems.
• Strong Knowledge and Experience configuring GRC 10/10.1 Access Controls and extending to additional back end systems.
• Experience with GRC ARA tool to identify SOD risks and mitigating controls to address them.
• Experience with the GRC EAM tool to administer, monitor and support emergency access requests.
• Strong Knowledge and Experience with SAP Authorization Concept, Roles, User Administration, SOD conflict resolution and production support.
• Experience on Security aspects with ECC, BI, SCM, TM, EWM, MDG, BW, Vistex, GRC 12.0 Portal and Solution Manager . Knowledge of SAP R/3, ECC 6 and S4/Hana user roles, security configuration and SOD conflicts.
• Detailed knowledge and ability to efficiently and accurately troubleshoot SAP security errors.
• Support for system upgrades and migrations preferred.
• Independent Thinking / Self-Initiative:  Critical thinker with ability to focus on things which matter most to achieving outcomes; Commitment to task to produce outcomes without direction and to find necessary resources.
• Creativity / Innovation:  Ability to develop unique and novel solutions to problems; View change as necessary.
• Communication/People Skills:  Ability to influence or persuade others under positive or negative circumstances; Adapt to different styles; Listen critically; Collaborate.
• Problem Solving / Analysis:  Ability to solve problems through systematic analysis of processes with sound judgment; Has a realistic understanding of relevant issues.
• Coaching / Training / Mentoring:  Actively foster actions required for desired business outcomes through ongoing constructive feedback.
• Team-Building / Team Player:  Influence the actions and opinions of others in a positive direction and build group commitment.
• High Intensity Environment:  Ability to function in a fast-paced environment with multiple activities occurring simultaneously while maintaining focus and control of workflow.
• Multi-Tasking / Time Management:  Prioritize and manage actions to meet changing deadlines and requirements within a high volume, high stress environment.
• Organizational Skills:  Ability to organize people or tasks, adjust to priorities, learn systems, within time constraints and with available resources; Detail-oriented.
• Ability to function in a fast- paced entrepreneurial environment using persuasion, expertise and judgment to affect change.
• Discretion and sensitivity requiring absolute confidentiality.
• Strong attention to detail and follow through skills.