OBS! Ansökningsperioden för denna annonsen har
passerat.
Arbetsbeskrivning
Sreehith Consulting is currently looking to expand the team in Sweden with experienced SAP Technical and Functional Consultants across the ERP SAP portfolio.
SAP Security and Information Security Consultant:
Information Security threat landscape continues to remain increasingly complex and require constant vigilance to secure a large, global enterprise. This position will collaborate with various stakeholders within IT, Legal, HR, and business units to assess and provide information security assessment & gaps to be addressed and driven for closure. This position will work on assessing the security controls of new & existing applications & processes developing integration plans and projects and execute initiatives to address them. This position will work closely with business managers, and IT to communicate the importance and need for enhanced security controls. The ideal candidate will have a passion for cybersecurity and continuously looking for opportunities to enhance security controls. This position is both a driver and team player.
Job Responsibilities:
· Expertise and knowledgeable to develop, implement, and maintain security assessment processes & tools to review security controls for mission critical engineering and ERP applications. (SAP)
· Strong understanding of information security management principles, SAP application security implementation methodologies, role-based access controls, distributed systems administration, and distributed system recovery.
· Conduct security assessments and implement remedial measures on SAP Systems in close alignment with the application teams
· Expertise on migrating SAP services from on prem to cloud and ensuring necessary security controls are developed
· Conduct security assessment on internal applications/infrastructure and deliver reports detailing assessment observations and associated recommendations for information security program development to help the client meet security and compliance standards.
· Align standards, frameworks and security with overall business and technology strategy
· Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
· Partner with SAP application and infrastructure team and collaborate to enhance/implement necessary information security controls
· Review the design of new and existing functionality for security vulnerabilities and suggest best practices and improvements.
· Triage results of penetration tests, security scans, and educate development teams on the reported issues, and recommend approaches to resolve or mitigate the issues.
· Ability to take a broad view of the position and take initiative to communicate, interact, and cooperate with others to ensure that all aspects of a security concern are addressed
· Perform proactive research to identify, categorize and produce reports on new and existing threats
· Continuously and proactively assesses the ERP and engineering applications for cybersecurity weaknesses, and prioritizes plans to enhance security controls
· Develop, monitor, and manage cybersecurity metrics for SAP
Qualifications:
· Degree in Information Technology or related field from an accredited university
· Minimum of 10+ years of experience in a combination of information security and risk management
· Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
· Experience in using standard Security Assessment and Penetration Testing tools.
· Experience working in a global environment with progressively increasing responsibility in one or more information security domains.
· Demonstrated project management & presentation skills
· High degree of competence with Microsoft Office Productivity Applications
· Ability to work alone as an individual contributor, as a technical lead and as a key participant in collaboration across global teams
· The individual must be an independent, confident, persistent and results-oriented individual - not an order-taker but rather one who contributes ideas and opinions to ensure sound solutions are implemented.
· Able to deal with influencing skills, ambiguity and work independently with minimal supervision/guidance.
· Excellent English communication and solid oral, written communications, problem solving, commitment to task, ability to lead and influence change.
Preferred Certifications:
· SAP Security certifications
· Certified Cloud Security Professional (CCSP)
· Certified Information System Auditor (CISA)
· GIAC Security Essentials (GSEC)
· Certified Information Systems Security Professional (CISSP)