Description: Job Title IT Security Architect - SAP Job Description: • The selected candidate will work as a member of the Information Technology (IT) Security & Network group as a Security Architect and is responsible for the security technology design and validation of security controls on SAP Projects. Project Specific Role: • The Security Architect (SA) will work closely with a project’s Solution Architects, the Project Manager of the specific project, other Security Architects, implementer (Vendor), to implement the specified project. • The work includes representing security during the design phase (including specifying requirements, policies and controls), testing phase (validating that all requirements, policies and controls are present or met), and closure phase (completing documentation suitable for production turnover or audits). • A security review is required for all projects, and may include pre-existing weaknesses in infrastructure or applications brought to light as part of a new initiative (i.e., need for security patching of servers, insecure interfaces, etc).
Primary Job Functions for the Security Architect: • drives the evaluation of security assessments for projects and initiatives • provide security architecture advice in support of application development, infrastructure, and enterprise technology projects to ensure the integrity of the SAP environment • define, document, and implement the application security architecture required for initiative, including (but not limited to): • authentication and authorization • account administration, provisioning, segregation of duties, validation, attestation, and more • auditing of security related requirements and testing • confidentiality, integrity, and availability of the systems and data • Compliance to regulatory requirements • Verifies security systems by developing and implementing test scripts • Assess project requirements related to application security, including correlation with enterprise security policy and standards • Identify architectural and other security risks associated with the solution, and compensating controls where necessary • Identify any gaps in existing security infrastructure to meet project requirements, work with the Manager(s) or Director of Corporate Information Security to identify and propose solutions • determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates • verifies compliance of security requirements by developing and implementing test scripts • Researches possible solutions and alternatives for security implementation of the project; technology applications, business process problems, technical problems, performs an analysis of alternatives, and leads the recommendation to a security solution. • Ensure that the project infrastructure is supportable and can be transitioned smoothly into production support organizations. • Works with 3rd party vendors to ensure that deliverables are completed on-time and under budget. • Documents the security and compliance aspects of the design through diagrams and written documents
What Experience/Skills MUST the candidate have (we will not forward candidates that do not match this exactly)? • Experience with the selection, design, and implementation of SAP solutions • Understanding of security architecture best practices, standards and frameworks • This position requires a background in information technology along with excellent interpersonal, research, analysis, and communication skills • The individual must be comfortable working across business and IT domains and be able to demonstrate the ability to easily shift between technical analysis and business value discussions • Requires knowledge of SAP/S4/HANA application technical design and implementation Candidate must have practical experience in the following areas: • SAP Basis Team role • Use of Solution Manager What Experience/Skills would you like the candidate to have, but is not required? • Experience with SAP Customer Information System, including SaaS – SAC, C4C, as well as on prem: S4, HANA, BW, PO, GRC, and other components • Experience working in large, geographically dispersed IT organizations • Large IT project implementation experience • Large corporate implementation resulting in significant change management efforts • Proven ability for working with higher levels of management • Certifications, such as SAP, CISSP, CCSP, CISM, or other, is desirable • Knowledge of O365 and SharePoint • Experience working with a large energy utility desired |