SAP Security Lead

About usWe are a global technology company, driving energy innovation for a balanced planet.​ Together, we create amazing technology that unlocks access to energy for the benefit of all.​Our inclusive culture is the key to our success. We collaborate with our internal community of colleagues, alumni, and our valued external partners to support each other and achieve our goals. We aim to raise the bar high. We look for people who are committed to innovation and success and act with integrity to become and be a part of one of the most diverse group of experts in our industry, anywhere around the globe.Global in outlook, local in practice – and with a united, shared passion for discovering solutions, we hire talented, driven people and support them to succeed, personally and professionally.Job DescriptionPosition:SAP Sr Security LeadJob Summary:SLB has an opening in Pune, India for an Sr. S4H Security SME who will be responsible for working with the SAP Security team and various domain teams on SAP Security design for roll-out projects and sustain activities.Key responsibilitiesTechnologyDesigning access roles for the SAP S4H environments across multiple domain such as finance, supply, procurement, engineering etc. Implement best practices in the area of Role build, testing and transport. Define Role Transport strategy for a highly complex multi-tier environments with separate Sustain and Project Tier. Propose security best practices for Solutions built on SAP BTP. Review and share access controls, authentication protocols for 3rd party apps integrations. Define SOD Risks and mitigation controls by collaborating with process experts, GRC Teams. Provide input to GRC technical teams to update SoD risk matrix with new transaction codes/Fiori apps etc. Review custom code, and propose the authorization check to ensure the Organization level controls can be implemented via roles. Review and update authorization defaults for transactions, Fiori apps, Web-dynpros etc. Experience of defining audit controls, engage with auditors to drive internal and external audit evidence gathering. Assist in design, document and continually enhance SAP security administration policies, processes, and procedures for the SAP environment. Support the project teams on SAP Transports using during major releases, dual maintenance/retrofit and object conflict issue resolution Update and maintain procedure documentation, present to larger team. Propose technical governance (standards, best practices, etc.), document and present to Larger team.BusinessEngage with the Business Process Owners, Product Owners, and internal stakeholders to capture access control requirements. Work closely with Business analysts, Org Governance Teams and SMEs Liaise with CyberSecurity Teams, Internal/External Audit and Internal Risk & controls teams. Work closely with Project managers, define Access controls Design, Build, Test Plans identify risks to the projects. Work with internal Training team, deployment teams closely on content development, delivery and communications.External PresenceParticipate in technical forums and other appropriate eventsEssential qualificationsBachelor¹s or Master’s degree in Information Science, Computer Science or related field 10 to 12 years of SAP Security Experience Minimum 2 S4H Greenfield, Brownfield implementation Experience Experience of working on complex SAP rollout projects Excellent communication, verbal, presentation and written skillsKey competencies in SAP SecurityExpertise in application security S4H, Fiori, HANA, SAP BTP with deep understanding of authentication, user provisioning, role design management. Experience of Master – derived, Value – Enabler technical roles with inclusion of tcodes, Hana views, Fiori Apps etc. Expertise in Fiori role build, especially Pages, Spaces, Catalogue, Groups, apps etc. Understanding of OData V2, V4 services, API Security, and troubleshooting complex Fiori and Hana access issues. Exposure to BTP role build in Abap Environment, HANA Cloud (XSA apps), IAS, IPS, Audit logging, Credential store services etc. Business process understanding on Core Domains like Supply, logistics, procurement, Trade Controls and Master Data Governance. Possess experience reviewing custom transactions, updates authorization defaults, with good understanding of authorization objects across domains, including sensitive admin transaction codes. Experience of developing attribute-based access provisioning designs, with exposure to provisioning tool IDM, Saviynt.Other skills and abilitiesAbility to work in global distributed setting without supervision. Self-driven, Proactive, Out -Of -Box Thinker Flexible and reliable- displaying great ownership in all aspects. Open to travel abroad and in IndiaSLB is an equal employment opportunity employer. Qualified applicants are considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or other characteristics protected by law.