Please reply to:- Goel, Ankur / ag...@compunnel.com / 609-606-9010 Ext.# 1342


Job Details:-
Job Title : Security Analyst
Location : Columbia, SC
Expected Duration of Project : 6 Months
Start Date : 08/01/2014
Interview Type : Telephonic, Personal
Duties & Responsibilites :

-Work under the supervision of the Division of Information Security to enhance the security posture of the state-wide SAP ERP environment. 
-Provide detailed recommendations and a plan for security improvements, including a risk-based prioritization of improvement efforts.  Work with multiple teams to implement and validate security improvements.
-Provide architectural, engineering and configuration support regarding both the ongoing and strategic security configuration of a large SAP environment including underlying systems and third party applications. 
-Work with business and technical teams to advise and develop best business practices around SAP security for all SAP platform technologies.
-Define SAP Role Matrix with Functional Leads, ??configuration of control environment, and creation of SAP Roles, profiles, and authorizations.
-Work with functional/process teams to refine requirements and develop solutions to application security issues including segregation of duties (SOD).
-Providing input and feedback on security decisions regarding the SAP infrastructure and architecture.?
-Validate systems, applications, and operations are in compliance with established standards. 
-Develop and maintain operational documentation where needed for the proper secure administration and operation of the system, to directly support security standards, architecture, and design.  
-Use and refine appropriate and effective incident response measures for network security alerts.
-Work with members of agency and DIS staff to support the enterprise approach to security.
-Interface with vendors and development teams resolving technical challenges and providing clarity on product security features and requirements. 
-Consider and foresee first, second, and third order impacts on the system, product, feature, or work flow as a result of any new change introduced.  
-Actively participate in technical discussions related to idea conceptualization, product or feature development and security impact. 

REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):  
-Minimum of 5 years of hands-on \ application security experience
-Minimum of 4 years of hands on experience with web-based applications

REQUIRED EDUCATION:   
-Bachelor’s degree or 8 to 10 years experience. 

PREFERRED:
-CISSP, CEH, MCSE, CCSP, GCIH, APPLICATION SECURITY/SECURE SOFTWARE PROFESSIONAL CERTIFICATIONS (E.G. CSSLP, GSSP, GWEB, GWAPT, ETC.)
-At least 2 years experience in development, configuration or support with SAP Security including leading design changes and improvements to SAP role structure
-Strong understanding of SAP Integration Security including system interfaces and Third Party Applications
-Proven experience developing SAP information security architectures and solutions
-Experienced with SAP Security authorization concept across SAP components??
-Proven experience in managing segregation of duties, sensitive access and mitigating controls.
-Strong understanding of Internal Controls and Segregation of Duties Framework
-Understand the security requirements of client and security implications of new business decisions
-Expert understanding of SAP's authorization concepts and profile generator
-Information Security experience with subject-matter expertise on a range of information security topics including application security, host security and network security.
-Expert understanding of web application, middleware and database security
-Extensive knowledge of software security threat vectors and vulnerabilities
-Understanding of commonly used web and inter-system communications protocols
-Understanding of database administrator fundamentals

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE): 
-4 years experience in development, configuration or support with SAP Security including leading design changes and improvements to SAP role structure
-Experience collaborating with auditors to demonstrate compliance with internal and external standards.
-Good understanding of SQL and Relational Database support and administration (e.g. Oracle, Sybase, DB2, SQL Server, etc.)
-Support or administration experience with Windows, Linux, Solaris, HP-UX, and AIX
-Working knowledge of web services frameworks (i.e. SOAP)
-Hands on experience with Secure Software Development Lifecycle (S-SDLC) methodologies and best practices / Knowledge of secure coding principles and practices. 
-Static analysis, dynamic analysis and manual code reviews.
-Understanding of _javascript_, HTML5, Java, .NET, C++, SQL and other modern programming languages

         



Click here to see details and upload resume for this job.

Click here to see all jobs on jobs.compunnel.com.

--
You received this message because you are subscribed to the Google Groups "American Vendor--IT Consulting" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sap-vendor+unsubscr...@googlegroups.com.
To post to this group, send email to sap-vendor@googlegroups.com.
Visit this group at http://groups.google.com/group/sap-vendor.
For more options, visit https://groups.google.com/d/optout.

Reply via email to