SAP Security Analyst

Critical Project Resourcing
United Kingdom
£450 - £500 per day
30 Sep 2017
03 Nov 2017
Contract Type
Full Time
I am currently recruiting for a SAP Security Analyst to work on a contract basis for a Local Authority in South West London.

You will need to be a skilled professional responsible for the effective and efficient production, maintenance and support of roles and authorisations needed to secure grant access to our SAP systems. You will perform a broad and challenging variety of work, some unpredictable and non-routine, which requires creative application of a wide range of principles. It is essential to maintain good, professional working relationships with stakeholders.

You will provide technical expertise for the development and maintenance of Roles and authorisations in the SAP systems, specifically in the ECC and SRM, to ensure a secure framework to control access to applications and data. Understanding of and how to secure personal data in the HCM (PA, OM, TA and PAY) modules is a must.

You will need to have an understanding of user provisioning through indirect role assignment concepts, with an applied in-depth knowledge of SAP ECC security including HCM and FICO related modules – specifically HR objects PLOG and P_ORIGIN, P_PERNR.

You will need to be Competent in SAP standard security tools, such as SU01, PFCG, SU24, ST01, ST03, SUIM, SU53, SU56, SE93, SE97, SE54, SU10, SUGR, ST22, etc.

Further requirements include:
  • Investigate situations to diagnose underlying causes and demonstrating creativity in applying knowledge to complex and non-standard situations.
  • Experience in monitoring, troubleshooting and solving customer problems.
  • Provide expert advice and consultancy on security and authorisation concepts to business, management and audit staff at operational level and in change projects, ensuring adherence to adopted standards, policies, compliance requirements and best practice principles.
  • Apply and maintain specific security controls as required by organisational policies and local risk assessments to maintain confidentiality, integrity and availability of SAP systems.
  • Apply data analysis, data modelling and quality assurance techniques to ensure understanding of business processes.
  • Use auditing control reports and tools for continuous monitoring of compliance and policy requirements. Working knowledge of the GRC 10.x is an advantage.
  • Ensure user provisioning process is timely, fit for purpose, has appropriate approval process, is SoD compliant.
  • Provide support for the implementers of new functionality and functional testers to ensure that all new development are fit for purpose with regards to security and user access, and that roles and processes are audit compliant.
  • Define, document and carry out small projects, actively participating in all phases.
  • Develop short and long term plans to clean up vulnerabilities in the authorisation roles.
    • Understanding of high risk authorisation objects: S_TABU_DIS, S_DEVELOP, S_PROGRAM, S_RFC, etc.
    • Knowledge of critical SAP transactions.
    • User Licencing and licence optimisation.
      • Experienced in working with third party service providers, both on-shore and off-shore.
If you are an experienced SAP Security Professional (preferably with a Public Sector background), please do not hesitate to apply!

This job was originally posted as