SAP GRC Security Engineer

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Application Managed Services Engineer (L3) is responsible for providing a managed service to clients by proactively identifying and resolving Packaged Application technologies such as ERP, Middleware and other business critical software incidents and problems. Through pre-emptive service incident and resolution activities, as well as product reviews, operational improvements, operational practices, and quality assurance this role maintains a high level of service to clients. The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions. This role is responsible for managing tickets of high complexity, conducts advanced and complicated tasks, and provides resolution to a diverse range of complex problems. This position uses considerable judgment and independent analysis within defined policies and practices. This role applies analytical thinking and deep technical expertise in achieving client outcomes, while coaching and mentoring junior team members across functions.

This role may also contribute to / support on project work as and when required.

The Senior SAP GRC Specialist will be responsible for overseeing and managing our SAP Governance, Risk, and Compliance framework. They will collaborate closely with various stakeholders across the organization to ensure that our SAP systems adhere to regulatory requirements, industry standards, and internal policies. Key responsibilities include:

What you'll be doing

Key Roles and Responsibilities:

• SAP GRC Access Control
• SAP GRC Process Control
• SAP S4 HANA
• Designing, implementing, and maintaining SAP GRC solutions to manage access controls, user provisioning, and compliance monitoring.
• Conducting risk assessments and identifying areas for improvement in our SAP security posture.
• Developing and implementing policies, procedures, and controls to mitigate risks and enhance governance.
• Coordinate with customers to align on existing role setup in S/4HANA.
• Coordinate and align with business process owners on right setup of authorization.
• Design and develop segregation of duties (SOD) rules set for all roles.
• Ensure all new roles created have proper controls.
• Prepare GRC specific documentations.
• Align SOD matrix with business specific requirements.
• Highlight risk and issues to Authorization Lead.
• Providing expertise and guidance on SAP security best practices and emerging trends.
• Leading and participating in audits, compliance reviews, and security assessments related to SAP systems.
• Collaborating with cross-functional teams to address security vulnerabilities and remediate issues in a timely manner.
• Serving as a subject matter expert on SAP security and GRC matters, providing training and mentorship to junior team members.
• Ensures that assigned Packaged Application technologies such as ERP, Middleware and other business critical software in the clients environment site is configured, installed, tested, and operational
• Performs necessary checks, apply monitoring tools and respond to alerts
• Identifies problems and errors prior to or when it occurs and log all such incidents in a timely manner with the required level of detail
• Assists in analyzing, assigning, and escalating support calls
• Investigates third line support calls assigned and identify the root cause of incidents and problems
• Reports and escalates issues to 3rd party vendors if necessary
• Provides onsite technical support to clients and provide field engineering services to clients
• Conducts a monthly random review of incidents and service requests, analyze and recommend improvement in quality
• Provides continuous feedback to clients and affected parties and update all systems and/or portals as prescribed by NTT
• Proactively identifies opportunities for work optimization including opportunities for automation of work
• May manage and implement projects within technology domain, delivering effectively and promptly per client agreed upon requirements and timelines
• May work on implementing and delivering Disaster Recovery functions and tests

Knowledge, Skills and Attributes:

• Ability to communicate and work across different cultures and social groups
• Ability to plan activities and projects well in advance, and takes into account possible changing circumstances
• Ability to maintain a positive outlook at work
• Ability to work well in a pressurized environment
• Ability to work hard and put in longer hours when it is necessary
• Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting
• Ability to adapt to changing circumstances
• Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey

Academic Qualifications and Certifications:

• Bachelor’s degree in information technology, Computer Science, or related field.
• Minimum of 5+  years of experience in SAP security and GRC, with a focus on SAP Access Control, Process Control, and Risk Management modules.
• Hands-on experience with SAP GRC implementations, configuration, and administration.
• Strong understanding of SAP security concepts, role design, and segregation of duties (SoD) analysis.
• Knowledge of regulatory requirements such as SOX, GDPR, and industry standards like NIST, ISO 27001.
• Excellent communication skills with the ability to effectively interact with stakeholders at all levels of the organization.
• Relevant certifications such as SAP Certified Associate - SAP Security in GRC, CISSP, CISA, or CISM are preferred

Required Experience:

• Seasoned years of work experience
• Seasoned experience required in Engineering function within a medium to large ICT organisation
• Seasoned experience of Managed Services
• Excellent working knowledge of ITIL processes
• Excellent experience working with vendors and/or 3rd parties
• Seasoned experience managing Packaged Application technologies such as ERP, Middleware and other business critical software

Workplace type:

On-site Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.