SAP IT Compliance Consultant

Description

This job will have the following responsibilities 1. SAP Application & Security Controls Understanding of SAP S4/HANA, GRC and security best practices. In depth knowledge of SAP functionality and business applications. Centrally maintain the SAP IT application controls listing, corresponding IT and business owners, and controls to prevent unauthorized. Coordinate, track, and report the status of application control remediation efforts.2. SOX IT Compliance and General IT Controls Maintain the list of FMC SOX ITGC and application controls. Work with IT resources to assist them in managing their controls and security activities. Partner with IT Control owners to update the SOX IT Control Book. Track, evaluate, and report on the effectiveness and timely completion of IT SOX controls. Track and publish compliance metrics. Ensure policy exception approvals are documented and maintained as audit evidence. Actively track and communicate constraints, conflicts or gaps in existing processes as well as cross functional team remediation. Coordinate management responses to audit findings with corresponding evidence.3. IT Security & Risk Management Assists with IT Security Assessments (SAP). Perform compliance gap assessments. Following industry risk management best practices, methodologies, and frameworks, assist with the implementation of an enterprise risk management program.Qualifications & Requirements Knowledge of leading practices in SAP security, SAP GRC AC, ARA & EAM, Basis, and SAP business processes (such as Finance, Order to Cash, Procure to Pay, Make to Deliver) Working understanding the configuration that enables leading practice controls in the areas listed above. Excellent communication and presentation skills, both written and verbal at all levels of the organization and with external parties including auditors, agents, customers and regulators. Demonstrated ability to effectively lead teams and work with others. Strong knowledge of information security best practices, risk, and controls. Ability to proactively identify the company's significant risks. Ability to develop reports to assist in the identification and monitoring of current and emerging risks Working understanding of SAP architecture and can discuss differences between ABAP programing, configuration, master data, and transactions. CISA, CISSP would be preferred.