SAP GRC Security Consultant

Job: SAP GRC Security Consultant

Location: Atlanta GA

Duration: 12 months

Rate: $80 on C2C

Only USC and GC on this role

Qualifications:

SAP GRC Security Consultant
• 10+ years' experience with SAP Security Design, Implementation and Administration in SAP ECC required, including production support experience with specific experience with SAP Transportation Management System • Proficient in SAP authorization concepts, including authorization reporting, troubleshooting transaction codes, and project implementation • Strong understanding of Sarbanes Oxley legislation, risks and mitigating controls (segregation of duties, etc)

SAP Security Engineer (contract to hire) for SAP Transportation Management system implementation capital project. Employee will remain post-project for TMS M&S, funded by 2026 opex budget transfer from TechOps Finance.

Responsibilities:

Responsible for the design, testing, evaluation, implementation, support, management, and deployment of security systems/devices used to safeguard the organization's information assets. Also responsible for analyzing the information security environment and assisting with the development of security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure. '-Works with the technical team to recover data after a security breach. -Configures and installs firewalls and intrusion detection systems. -Develops automation scripts to handle and track incidents. -Investigates intrusion incidents, conducts forensic investigations and mounts incident responses. -Delivers technical reports and formal papers on test findings. -Installs firewalls, data encryption, and other security measures. -Maintains access by providing information, resources, and technical support. -Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements. -Updates job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations. -Accomplishes information systems and organization mission by completing related results as needed. '-Builds, deploys, and tracks security measurements for computer systems and networks. -Mitigates security vulnerabilities by implementing applicable solutions and tools. -Performs vulnerability testing, risk analyses, and security assessments. -Collaborates with colleagues on authentication, authorization, and encryption solutions. -Tests security solutions using industry standard analysis criteria. -Responds to information security issues during each stage of a project's lifecycle. -Performs risk assessments and testing of data processing systems. -Establishes system controls by developing framework for controls and levels of access; recommending improvements

-Establishes computer and terminal physical security by developing standards, policies, and procedures; coordinates with facilities security; recommends improvements. -Safeguards computer files by performing regular backups; developing procedures for source code management and disaster preparedness; recommends improvements. '-Determines the sensitivity of the data in order to recommend the appropriate security needs. -Develops proposals for, and consider cost effective equipment options to satisfy security needs. -Communicates with the technical team, management team and users companywide if data security is breached. -Designs infrastructure to alert the technical team of detected vulnerabilities. -Evaluates new technologies and processes that enhance security capabilities. -Supervises changes in software, hardware, facilities, telecommunications and user needs. -Defines, implements, and maintains corporate security policies. -Analyzes and advises on new security technologies and program conformance. -Creates, tests, and implements network disaster recovery plans. -Recommends security enhancements and purchases. -Trains staff on network and information security procedures. -Develops security awareness by providing orientation, educational programs, and on-going communication. -Recommends modifications in legal, technical and regulatory areas that affect IT security.

---