SAP GRC and Security Consultant

SAP S/4 HANA Fiori and GRC consultant: Minimum of 5-10 years of experience

GRC:

• GRC End-End Implementation (minimum 1 Life Cycle)
• Activation of BC Sets / IMG Nodes
• Activation of SICF services for GRC AC, PC and RM
• Create new connectors and maintain connector groups
• Creation of Initiator Rule, Agent Rule, Notification variable rule & Routing rule
• Maintain Configuration setting
• Designing of Fiori Rule Set for GRC-Fiori Integration
• Configuring integration scenarios (SUPMG, AUTH, ROLEMG, PROV)
• GRC Multi-Stage Multi-path (MSMP) workflow customization and maintenance
• Creation of Function ID's
• BRF+ customizing for Workflow maintenance
• Risk ID creation and changes for new authorization maintenance
• Mitigation ID creation and maintenance
• Remediation of risks based on simulation results
• Maintain new connectors for accessing through GRC
• Maintain Role methodology for different role type through condition groups
• Maintain EUP for use in different scenarios
• Configure Password self-service
• Maintain the Synchronization jobs.
• Maintain rule sets for customized risk IDs and function IDs.
• Create mitigation control and mitigating risks
• GRC integration with SuccessFactors for Risk analysis and Access provisioning
• GRC integration with SuccessFactors for HR trigger
• GRC integration with HANA DB for access provisioning and risk analysis
• Designing new Process Control CCMs or enhancing existing controls based on compliance requirements

SoD Risk Remediation / Mitigation, ITGC and Audit:

• Designing of SoD Risk Ruleset
• Building Fiori Risk Ruleset to detect SoD risks arising from conflicting Fiori apps
• SoD clean-up and role redesign project for risk remediation and mitigation
• Building HANA Risk Ruleset for detecting SoD risks at HANA DB level involving privileges
• Experience in GRC configuration review, ruleset review and reviewing of mitigation controls to ensure their risk coverage
• Design and review of RACM

FIORI:

• Fiori Spaces and Pages Design as per Business Roles
• Activation of OData services SICF nodes
• Maintain Symantec Objects for Fiori Apps
• Maintain Target Mapping for Custom Fiori Apps
• Fiori GRC integration and design of Fiori ruleset
• Troubleshooting Fiori issues including authorizations using IWFND/ IWBEP Error logs and browser console
• Implementation and configuration of new Fiori design language involving Fiori Spaces and Pages based on business roles
• Implementation of Fiori App Support functionality to expedite Fiori & authorization related issues
• Migration from distributed Fiori landscape to embedded architecture
• Fiori landscape redesign by replacing Fiori Groups with Spaces and Pages

S/4 HANA & ECC- R3 BI/BW and HR Upgrade/ Migration/ Security:

• Table access Maintenance and mapping tables to authorization groups using SE54
• SU24 maintenance, SU25 Step execution
• Enabling system Security policies and organizational criterion for S_TABU_LIN
• Mapping programs to authorization groups using RSCSAUTH and restrict access using S_PROGRAM / S_PROGNAM
• BI/BW Analysis Authorization creation and maintenance
• Experience in BW Analysis Authorizations
• CUA administration
• Authorization tasks pertaining to ECC to S/4 HANA Migration
• SAP ERP and S/4 HANA Compliance Audit
• One ECC to S/4 Hana Migration
• SECATT, LSMW, GUI scripting for mass maintenance tasks
• S/4 HANA UI Masking and UI Logging for GDPR

HANA Security (User Admin and Role Admin)

• Creating and maintaining Analytic, SQL, Package, System & Application Privileges.
• Restricting access to Schemas, Views, Tables, Procedures using Privileges
• User Administration involving standard and restricted users
• Analytic View, Attribute Views & Calculation Views
• Changing Parameter files (e.g.- )
• Creating and transporting HANA Packages using Delivery Units

Good to have:

• Understanding of SAP Functional and business knowledge
• Experience in CFIN, MDG security and authorizations on S/4 HANA
• Experience in designing GRC / IAG risk ruleset for Fiori apps and Cloud applications