I have a very urgent DIRECT CLIENT requirement for *SAP Security Administrator *in* Columbia, SC. *Please Let Me Know If you have available candidate, please reply with their word resume, location, rate and contact number.
Please send the resumes at pe...@cncconsulting.com Job Title: SAP Security Administrator Location: Columbia, SC Duration: 6 Months Conduct application, DB, and operating system security vulnerability remediation efforts prioritized by DIS. Work with agency teams and Division of Technology resources to remediate the security findings in these systems. Implement remediations, best practices, and work towards system compliance with applicable state and federal regulations, policies, and standards. Daily Duties / Responsibilities: Work under the supervision of the Division of Information Security to enhance the security posture of the state-wide SAP ERP environment. Provide detailed recommendations and a plan for security improvements, including a risk-based prioritization of improvement efforts. Work with multiple teams to implement and validate security improvements. Provide architectural, engineering and configuration support regarding both the ongoing and strategic security configuration of a large SAP environment including underlying systems and third party applications. Work with business and technical teams to advise and develop best business practices around SAP security for all SAP platform technologies. Define SAP Role Matrix with Functional Leads, configuration of control environment, and creation of SAP Roles, profiles, and authorizations. Work with functional/process teams to refine requirements and develop solutions to application security issues including segregation of duties (SOD). Providing input and feedback on security decisions regarding the SAP infrastructure and architecture. Validate systems, applications, and operations are in compliance with established standards. Develop and maintain operational documentation where needed for the proper secure administration and operation of the system, to directly support security standards, architecture, and design. Use and refine appropriate and effective incident response measures for network security alerts. Work with members of agency and DIS staff to support the enterprise approach to security. Interface with vendors and development teams resolving technical challenges and providing clarity on product security features and requirements. Consider and foresee first, second, and third order impacts on the system, product, feature, or work flow as a result of any new change introduced. Actively participate in technical discussions related to idea conceptualization, product or feature development and security impact. REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): Minimum of 5 years of hands-on \ application security experience Minimum of 4 years of hands on experience with web-based applications At least 2 years experience in development, configuration or support with SAP Security including leading design changes and improvements to SAP role structure Strong understanding of SAP Integration Security including system interfaces and Third Party Applications Proven experience developing SAP information security architectures and solutions Experienced with SAP Security authorization concept across SAP components Proven experience in managing segregation of duties, sensitive access and mitigating controls. Strong understanding of Internal Controls and Segregation of Duties Framework Understand the security requirements of client and security implications of new business decisions Expert understanding of SAP's authorization concepts and profile generator Information Security experience with subject-matter expertise on a range of information security topics including application security, host security and network security. Expert understanding of web application, middleware and database security Extensive knowledge of software security threat vectors and vulnerabilities Understanding of commonly used web and inter-system communications protocols Understanding of database administrator fundamentals Strong IT backend technology experience is required, Windows and *NIX engineering, system administration and exploitation. Thorough understanding of 3-tier, 2-tier, n-tier architectures Excellent communication skills and ability to clearly express ideas in written and verbal form effectively Exceptional organizational skills, ability to manage multiple priorities in a fast-paced dynamic environment Advanced problem solving skills, ability to develop effective long-term solutions to complex problems Able to translate business requirements into technical specifications Proven ability in applying architecture development methods/patterns PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE): 4 years experience in development, configuration or support with SAP Security including leading design changes and improvements to SAP role structure Experience collaborating with auditors to demonstrate compliance with internal and external standards. Good understanding of SQL and Relational Database support and administration (e.g. Oracle, Sybase, DB2, SQL Server, etc.) Support or administration experience with Windows, Linux, Solaris, HP-UX, and AIX Working knowledge of web services frameworks (i.e. SOAP) Hands on experience with Secure Software Development Lifecycle (S-SDLC) methodologies and best practices / Knowledge of secure coding principles and practices. Static analysis, dynamic analysis and manual code reviews. Understanding of JavaScript, HTML5, Java, .NET, C++, SQL and other modern programming languages REQUIRED EDUCATION: Bachelor’s degree or 8 to 10 years experience. REQUIRED CERTIFICATIONS: PREFERRED: CISSP, CEH, MCSE, CCSP, GCIH, APPLICATION SECURITY/SECURE SOFTWARE PROFESSIONAL CERTIFICATIONS (E.G. CSSLP, GSSP, GWEB, GWAPT, ETC.) Database Platforms DB2 No 1 Advanced Within 6 Months 4 - 6 Years ERP SAP information security architectures and solutions Yes 1 ERP SAP Integration Security Yes 1 ERP SAP role structure Yes 1 ERP SAP Security authorization concept Yes 1 Miscellaneous 3-tier, 2-tier, n-tier architectures Yes 1 Miscellaneous TRANSLATE COMPLEX BUSINESS REQUIREMENTS INTO TECHNICAL REQUIREMENTS Yes 1 Miscellaneous web based applications Yes 1 Advanced Within 6 Months 4 - 6 Years Network Security Application Security Yes 1 Expert Within 6 Months 4 - 6 Years Networking & Directories *NIX engineering Yes 1 Operating Systems/APIs Windows Yes 1 Expert Within 6 Months 6 + Years Operating Systems/APIs AIX No 1 Advanced Within 6 Months 4 - 6 Years Operating Systems/APIs Linux No 1 Expert Within 6 Months 6 + Years Operating Systems/APIs Solaris No 1 Expert Within 6 Months 6 + Years Programming Languages .Net No 1 Advanced Within 6 Months 4 - 6 Years Programming Languages Java No 1 Advanced Within 6 Months 4 - 6 Years Thanks, Peter Smith 224-764-8535 Phone pe...@cncconsulting.com -- You received this message because you are subscribed to the Google Groups "SAP or Oracle Financials" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-or-oracle-financials+unsubscr...@googlegroups.com. To post to this group, send email to sap-or-oracle-financials@googlegroups.com. Visit this group at http://groups.google.com/group/sap-or-oracle-financials. For more options, visit https://groups.google.com/d/optout.
