Sr. SAP Security Specialist

Category: Cyber Security
Main location: Canada, Ontario, Toronto
Position ID: J0422-2065
Employment Type: Full Time

Position Description:

SAP Senior Security Specialist
As SAP Senior Security Specialist, you will act as the subject matter expert within corporate functions for security risk management and related activities, as well as for all security matters.

Responsibilities include but are not limited to:

• Overseeing security risks, targeted security risks assessments and other security project reviews as identified across all aspects of SAP Global Security
• Understanding applicable regulations, guidelines and industry best practices
• Contributing towards the execution of SAP’s standards specific set by enterprise governance and SAP Global Security policies and procedures
• Performing periodic security risk assessments and conduct related ongoing compliance monitoring activities
• Reviewing security exceptions for the specific corporate function and reinforce the identification of security risks
• Conducting security risk assessments and advise the corporate leadership on risk reduction proposals with cost justification
• Monitoring and enhancing the risk mitigation strategies and plans to help bring open security risks to closure
• Working independently as well as with internal and external business partners for any third-party assessments on security functions
• Developing and monitoring security risk metrics and provide periodic updates to the executive management on security risk and compliance efforts
• Providing leadership, mentoring, and training to security personnel and other SAP stakeholders
• Demonstrating proven expertise and success managing simultaneous project work streams in system security, cybersecurity controls or information security management environment, specifically on NIST domain
• Assist in the determination of requirements, design, build and testing of authorization profiles for SAP systems.
• Provide knowledge transfer to departmental personnel on an on-going basis
• Keeping up with SAP technology platforms such as ETD, etc and be able to articulate to clients
• Security industry trends and how to apply them on SAP such as UI masking, logging, anonymization, etc

• Minimum of 5 years of managing IT initiatives/project management required Minimum of 5 years information security, audit, risk management, compliance or risk consulting related experience preferred
• Experience using Governance, Risk and Compliance (GRC) tools
• Security certification e.g. CISSP, CISM – SAP Certified Technology Associate – SAP System Security and Authorizations preferred.
• Experience with information security compliance audit frameworks and requirements e.g. NIST, SOX, PCI, GDPR and Data Privacy
• Proven experience working in multi-functional and multi-cultural teams
• Ability to demonstrate analytical expertise, close attention to detail, excellent conflict resolution and negotiation skills, logic, and solution orientation
• Learn and adapt quickly with a thinking out of the box mindset
• Excellent written and oral communication skills
• Ability to learn and operate in a dynamic and agile environment
• Proactive, self-managed, and able to interface well with sponsor personnel and inter-disciplinary teams across an organization
• A good understanding of LINUX/UNIX, ORACLE, WINDOWS and HANA DB
• Knowledge in how to have a secure pipeline from user or system to/from SAP systems such as SNC, cryptographic libraries impact on password encryption, TLS for browsers, security for mobile apps, etc

• Minimum of 5 years’ experience in SAP Security (BW Analysis authorization, BOBJ, HANA, FIORI, GRC, Structure authorization, SAP Portal.
• SAP Security experience must include experience in the following areas:
o Analyzing, developing and designing Roles and Authorizations in support of new users
o Creating and supporting User IDs and test IDs in the systems
o Documentation of the roles
o Creating roles in the system and a log of the role changes for end users
o Modifying existing roles and authorizations to fix defects in the process
o Updating documentation
o Creating monthly progress reports



  • Client Management
  • Issue Management
  • Project Management
  • SAP Human Capital Mgmt

What you can expect from us:

Insights you can act on

While technology is at the heart of our clients’ digital transformation, we understand that people are at the heart of business success.

When you join CGI, you become a trusted advisor, collaborating with colleagues and clients to bring forward actionable insights that deliver meaningful and sustainable outcomes. We call our employees "members" because they are CGI shareholders and owners and owners who enjoy working and growing together to build a company we are proud of. This has been our Dream since 1976, and it has brought us to where we are today — one of the world’s largest independent providers of IT and business consulting services.

At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.

Ready to become part of our success story? Join CGI — where your ideas and actions make a difference.