Loading...
Share this Job

SAP Security Consultant

The Company:  Aflac Incorporated
The Location: 

Remote, US Columbus, GA, US, 31999 Atlanta, GA, US, 30339

The Division:  Global Security
Job Id:  1402

                                                                                                                                                                                                                                                          

Job Summary

Assists with the building, promoting and maintenance of an enterprise wide SAP Governance, Risk, and Compliance (SAP GRC) program and other SAP Security systems; supports the SAP teams with the design, build, and implementation of SAP Security processes, technical requirements, and SAP Security tools to support evaluation and monitoring of enterprise wide information security program. Works as primary administrator for SAP GRC and/or SAP Security system(s) as assigned and is responsible for ensuring the system and processes associated with it meet Information Security standards and business requirements.

 

Principal Duties & Responsibilities

• Assist with the design, build, implementation of SAP Security processes, technical requirements, and supporting SAP GRC system and tools to support evaluation and monitoring of enterprise wide information security to ensure compliance with Information Security policies and standards, regulations, laws, and industry standards (GLBA, FFIEC, HIPAA, and PCI DSS).

 

• Acts as Subject Matter Expert for the SAP Security; manages SAP GRC tool health and functionality from a system perspective daily; responsible for first line support for SAP Security outages, for maintaining system according to standards and for assisting on upgrades/maintenance windows as necessary.

 

• Develop and maintain procedures for SAP Security technology and processes and transfer knowledge to other team members.

 

• Conduct audits as required by multiple Federal and State regulations, SOX, HIPAA, GLBA, PCI and applicable industry directives and as assigned by management where SAP Security expertise is required and/or ad hoc as requested

 

• Leverages technology across all SAP systems to aggregate controls, risk, and compliance information to rapidly identify and report exceptions, to ensure information quality, to streamline processes to gain efficiencies, and to ensure effectiveness of the information security program.

 

• Supports the Senior Manager, Access Control as needed to meet with regulators, auditors, and management to assist with the management of company risk as it relates to these areas and to represent the information security management governing body.

 

• Acts as primary audit support for SAP audit requests; provides timely requests to internal and external auditors for SAP GRC and other relevant SAP Security requests; keeps Senior Manager, Access Control abreast of any control changes or issues for control reporting

 

• Acts as SAP Security team lead for questions, issue triage and support for users

 

• Keeps abreast of industry trends, emerging risks, and legal and regulatory changes that may impact the SAP Security or related processes

 

• Assists with the development, maintenance and reporting of enterprise-wide SAP Security and information security related metrics as assigned

 

• Work with members of IT management to provide effective mitigation of reported security concerns and complaints

 

• Attends conferences, researches industry information and networks with peers to stay up to date on critical SAP Security trends and industry updates

 

• Monitor adherence to Aflac policies, procedures, and Information Security specific processes

 

• Performs others as duties as required

 

Education & Experience Required

  • Bachelor’s Degree in Management Information Systems, Information Security, Computer Information Systems or a related field
  • Five or more years of related experience
  • Strong knowledge of information security policies, controls, and processes as well as infrastructure (networks, servers), databases, and Internet technologies, especially covering GRC system(s)
  • Strong project management experience for global SAP technologies and systems
  • Experience in Financial and/or Insurance Services industry

Or an equivalent combination of education and experience

 

Education & Experience Preferred

  • Current designation and maintenance of a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar certifications is highly desirable
  • Experience administering an SAP GRC tool and/or SAP Security and processes

 

 

Job Knowledge & Skills

• The ability to interface across the organization with other teams, such as system operations, infrastructure, auditors, security personnel etc.

 

• Proven abilities to deliver results using analytics and problem solving skills.

 

• Proven ability to assess risks and controls and to identify solutions to reduce risk.

 

• Demonstrated initiative and commitment for results and the ability to set priorities and manage multiple initiatives.

 

• A working knowledge of Microsoft Office Suite.

 

• Knowledge of global GRC tool administration and project management

 

• Excellent written and verbal communications skills.

 

• Ability to adjust to changing priorities while multitasking effectively.

 

• Ability to articulate security concepts to business users.

 

• Knowledge of security management standards.

 

Competencies

  • Acting with Integrity 
  • Communicating Effectively
  • Pursuing Self-Development 
  • Serving Customers 
  • Supporting Change 
  • Supporting Organizational Goals 
  • Working with Diverse Populations


Nearest Major Market: Eugene