Experience configuring and administering SAP GRC (Governance, Risk, and Compliance) to support government/military accreditation with auditable roles
Proficiency with MSMP workflows, BRFplus, risk analysis objects, and cross-system configuration
Strong knowledge of separation of duties (SoD) and need-to-know access controls
Experience in testing, documentation, and support for project go-lives and onboarding SAP systems into the GRC toolset
Requirements:
Build, review, testing, troubleshooting, and documentation of current or new MSMP workflows
Build, review, testing, troubleshooting, and documentation of cross-system configuration and custom risk analysis objects
Updates to BRFplus and tables
Testing, troubleshooting, and documentation support for project go-lives
Job description
The SAP Security GRC Specialist (S3) ensures all functional, technical, and administrative roles within the application are established, monitored, and auditable. The S3 is the primary configuration analyst of the Government Risk and Compliance (GRC) module. The GRC module enables SAP to be accredited for use on a government / military network. The S3 works closely with Cybersecurity (both contractor and government) to ensure the application's role based authorities (i.e. checks and balances) are documented, managed, and auditable. The S3 is key in ensuring SAP Roles are configured in a manner that supports separation of duties which consequently ensures the "need to know" paradigm is enforced.
• Build, review, testing, troubleshooting, and documentation of current or new MSMP workflows
• Build, review, testing, troubleshooting, and documentation of Cross System configuration and custom risk analysis objects
• Updates to BRF+ tables
• Testing, troubleshooting, and documentation support for project go-lives.
• Onboarding of additional SAP systems into the GRC toolset.
