Cloudious
10 to 15 Year(s)
Significant experience with legal and regulatory compliance standards such as PCI-DSS, SOX, GDPR, HIPAA, etc.
Familiarity with ISMS and security frameworks, particularly the NIST Cybersecurity Framework.
Strong understanding of fundamental information security concepts and technology.
Experience with IT GRC/IRM platforms (Oracle, RSA Archer, MetricStream, etc.).
Experience with IT governance, risk, and compliance management in a large global environment.
Excellent written and oral communication skills.
Strong work ethic with attention to detail.
Ability to excel in a fast-paced and rapidly changing environment.

GRC Job Specifications

Support the GRC Lead and manage adherence to access controls and process controls.
Work closely with Functional Teams and Technical Teams, as well as the business and offshore support teams, to ensure Segregation of Duties (SOD) and critical actions are understood and appropriately built into the business roles.
Ensure that application security standards are well integrated into systems.
Monitor and maintain SAP application security policies, standards, guidelines, and procedures that are in alignment with the corporate strategic plan, and support the project team during the implementation.
Responsible for implementation and integration of SAP GRC Access Control (AC) and other post-go-live sustainment tools.
Work with the business managers in refining risks and mitigating controls.
Support and educate business stakeholders on access risks and mitigating controls.
Deal with service requests and incidents related to SAP user access.
Support SAP Business Roles provisioning and de-provisioning processes.
SAP GRC Access Control administration.