SAP Security

ERP Security & Authorization's mission is to continuously monitor and improve the ERP security architecture posture while preventing, analyzing, and responding to ERP security incidents supported by technology-enabled and well-defined processes and procedures.

**SAP Security & GRC Architect **collaborates with key stakeholders to analyze ideas and demands for architectural fit and translates detailed business requirements provided by the solution owner into implementable solution including specific technical requirements.
- Provides security and technical expertise to support the development of security objects to satisfy business requirements.
- Analyzes and administers security policies to control physical and virtual system access.
- Identifies and investigates security issues and develops security solutions that address compliance requirements that can/do impact security.
- Identifies, develops, and implements mechanisms to detect security incidents to enhance compliance and support of the security standards and procedures.
- Assesses business role requirements, reviews authorization roles, and supports authorizations.
- Demonstrates a comprehensive skill set with testing authorizations for multiple environments and coordinates testing with business/technical users.
- Validates system configurations to ensure the safety of information systems assets and protects information systems from intentional or inadvertent access or destruction.
- Determines strategy and protocol for network behavior, analysis techniques, and tool implementation.
- Identifies opportunities for streamlining and increasing effectiveness through continuous process improvement.
- Implements practices, processes, and procedures consistent with Nokia's information security policy and IT standards.
- Develops and documents security events and incident handling procedures into Playbooks.
- Ensures that incident documentation is comprehensive, accurate, and complete.
- Triages, prioritizes, investigates, and coordinates security events and incident handling activities.
- Creates and/or remediates GITC (General IT Controls) in support of meeting audit objectives for all SAP modules, and their supporting Databases, within the Nokia’s SAP landscape (i.e. Finance, Retail, Warehouse Management, Payroll, Oracle, HANA, etc.)
- Designs IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls.
- Assists with the creation of effective remediation solutions and/or exception documentation where applicable.
- Assists project teams with creation and implementation of IT controls objectives and integration into SAP-GRC.
- Assists with the successful completion of the quarterly UAR (User Access Review) audit process.
- Collaborates with Internal Audit in developing, testing, and devising solutions to effectively meet applicable IT control objectives.
- At least 5-10 years of experience in SAP Security in Development/ Configuration/solutions evaluation/ Validation and deployment.
- Proven experience with SAP Security, Role Based Permission, SAP GRC Access Controls, and SAP ECC Security.
- Strong knowledge of ECC, HANA, BW and GRC modules.
- Ability to handle support issues and process GRC requests efficiently.
- Excellent analytical and reporting skills.
- Strong communication and teamwork abilities.
- Must have Hands on SAP Security expertise in SAP S4HANA, Fiori, HANA DB, ECC, BI/BW, BOBJ, SAC, CRM, HTR systems.
- Good to have knowledge in handling Security User and role administration in HANA, BODS, Portal,,EWM, & Process Orchestration (PO) system.
- Experience in designing, building, and deploying HANA database security.
- Experience in GRC Access Control support.
- Experience in SoD analysis & remediation.
- Experience in Solman CHARM Transport process
- Experience in designing, building, testing, and deploying business and support roles with S/4 and Fiori roles.
- Good to have experience in large and complex projects with multiple rollouts for countries / regions.
- Ability to work with limited supervision and exhibit a solid sense of urgency.
- Ability to handle Severity 1 and major incidents and provide resolution within SLA.
- Understanding of internal Security controls, sensitive transactions analysis.
- Ability to solve complex Security issues through research and technical detective work.
- Excellent communication and interpersonal skills.

**Come create the technology that helps the world act together**

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

**What we offer**

Nokia offers continuous