*Hiring: SAP Security Adminidtrator / Columbia, ScDirect ClientJob Title: SAP Security AdministratorLocation: Columbia, SCDuration: 6 MonthsClient: State of SC/5612Descripation:Conduct application, DB, and operating system security vulnerability remediation efforts prioritized by DIS. Work with agency teams and Division of Technology resources to remediate the security findings in these systems. Implement remediations, best practices, and work towards system compliance with applicable state and federal regulations, policies, and standards. Daily Duties / Responsibilities: Work under the supervision of the Division of Information Security to enhance the security posture of the state-wide SAP ERP environment. Provide detailed recommendations and a plan for security improvements, including a risk-based prioritization of improvement efforts. Work with multiple teams to implement and validate security improvements. Provide architectural, engineering and configuration support regarding both the ongoing and strategic security configuration of a large SAP environment including underlying systems and third party applications. Work with business and technical teams to advise and develop best business practices around SAP security for all SAP platform technologies.Define SAP Role Matrix with Functional Leads, configuration of control environment, and creation of SAP Roles, profiles, and authorizations. Work with functional/process teams to refine requirements and develop solutions to application security issues including segregation of duties (SOD).Providing input and feedback on security decisions regarding the SAP infrastructure and architecture. Validate systems, applications, and operations are in compliance with established standards. Develop and maintain operational documentation where needed for the proper secure administration and operation of the system, to directly support security standards, architecture, and design. Use and refine appropriate and effective incident response measures for network security alerts. Work with members of agency and DIS staff to support the enterprise approach to security. Interface with vendors and development teams resolving technical challenges and providing clarity on product security features and requirements. Consider and foresee first, second, and third order impacts on the system, product, feature, or work flow as a result of any new change introduced. Actively participate in technical discussions related to idea conceptualization, product or feature development and security impact. REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE): Minimum of 5 years of hands-on \ application security experienceMinimum of 4 years of hands on experience with web-based applicationsAt least 2 years experience in development, configuration or support with SAP Security including leading design changes and improvements to SAP role structureStrong understanding of SAP Integration Security including system interfaces and Third Party ApplicationsProven experience developing SAP information security architectures and solutionsExperienced with SAP Security authorization concept across SAP components Proven experience in managing segregation of duties, sensitive access and mitigating controls.Strong understanding of Internal Controls and Segregation of Duties FrameworkUnderstand the security requirements of client and security implications of new business decisionsExpert understanding of SAP's authorization concepts and profile generatorInformation Security experience with subject-matter expertise on a range of information security topics including application security, host security and network security.Expert understanding of web application, middleware and database security Extensive knowledge of software security threat vectors and vulnerabilitiesUnderstanding of commonly used web and inter-system communications protocolsUnderstanding of database administrator fundamentalsStrong IT backend technology experience is required, Windows and *NIX engineering, system administration and exploitation. Thorough understanding of 3-tier, 2-tier, n-tier architecturesExcellent communication skills and ability to clearly express ideas in written and verbal form effectivelyExceptional organizational skills, ability to manage multiple priorities in a fast-paced dynamic environmentAdvanced problem solving skills, ability to develop effective long-term solutions to complex problemsAble to translate business requirements into technical specificationsProven ability in applying architecture development methods/patterns PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE): 4 years experience in development, configuration or support with SAP Security including leading design changes and improvements to SAP role structureExperience collaborating with auditors to demonstrate compliance with internal and external standards. Good understanding of SQL and Relational Database support and administration (e.g. Oracle, Sybase, DB2, SQL Server, etc.)Support or administration experience with Windows, Linux, Solaris, HP-UX, and AIXWorking knowledge of web services frameworks (i.e. SOAP)Hands on experience with Secure Software Development Lifecycle (S-SDLC) methodologies and best practices / Knowledge of secure coding principles and practices. Static analysis, dynamic analysis and manual code reviews. Understanding of JavaScript, HTML5, Java, .NET, C++, SQL and other modern programming languagesREQUIRED EDUCATION: Bachelor’s degree or 8 to 10 years experience. Please send resume to alb...@cncconsulting.com <alb...@cncconsulting.com>*
-- You received this message because you are subscribed to the Google Groups "oraapps" group. To unsubscribe from this group and stop receiving emails from it, send an email to oraapps+unsubscr...@googlegroups.com. To post to this group, send email to oraapps@googlegroups.com. Visit this group at http://groups.google.com/group/oraapps. For more options, visit https://groups.google.com/d/optout.
