View All Costco JobsCostco Wholesale
The SAP Security & GRC Full Stack Engineer is responsible for the design and implementation of SAP security access and IT General Controls (ITGCs). This position will be responsible for the SAP security and GRC design, administration within the following but not limited to SAP modules including ECC (HCM | FICO), Solution Manager, GRC, ESS, BW, BOBJ, BODS & HANA Databases. As a Full Stack Engineer, you will work closely with Compliance, application owners and SAP teams. This role involves in developing access policies and implementing automated solutions for access management and all the other compliance driven opportunities. A strong mind for edge-cases, a passion for problem solving, and bias towards communication will be a key to this role.
- Partners with business areas and project teams to troubleshoot issues with security objects and identify and implement appropriate solutions.
- Identifies gaps and recommend solutions to security administration processes and procedures as well as area for significant improvement, optimization and automation.
- Participates in the decision-making processes for the selection of software architecture solutions that impact SAP ITGCs.
- Commits to uphold governance and corporate security guidelines including Segregation of Duties (SoD), Sarbanes-Oxley (SOX) and Payment Card Industry (PCI) standards.
- Participates in team activities and planning to improve team skills, awareness and quality of work.
- Stays current with SAP Security technology strategies and requirements by independent study, interaction with SAP Security users groups and Costco policies and platforms.
- Available for 24×7 to support 3rd level support escalations.
- Applies broad knowledge of product/service capabilities and environment to identify new growth areas, new technology and emerging product/service opportunities.
- Conducts technological research guided by organization goals, strategies, practices, and user projects.
- Identifies security problems; evaluates trends; anticipates requirements.
- Partners with various parties including IS Compliance, SAP Technical and Functional Teams to continually refine roles and optimize the security implementation based on our ITGCs.
- Provides consulting for SOX Compliance Team to support their compliance efforts.
- Supports a comprehensive audit trail of SAP ITGCs.
- Gathers requirements from internal clients and, provides security and technical expertise to development of roles to satisfy business and compliance requirements.
- Develops security objects that meet business requirements while adhering to the principle of least privilege.
- Develops and recommends strategies for SAP Security and GRC models to continually improve service.
- Strong knowledge of industry trends in security technology.
- Ability to think and work analytically.
- Ability to work independently.
- Ability to document policies, procedures, and technical diagrams.
- Ability to manage a substantial unplanned workload with short deadlines.
- Must have the ability to work with limited supervision and exhibit a strong sense of urgency.
- Strong conceptual, analytical, problem-solving, troubleshooting and resolution skills
- Documentation and presentation skills catered to a diverse technical and business audience.
- Team leadership and role-model.
- Deep technical knowledge of the relevant part(s) of the SAP environment.
- Minimum of 9-12 years’ SAP Security, GRC and compliance experience.
- Delivered multiple SAP and GRC security solutions.
- Advanced knowledge of SAP GRC including: Access Request Management, Access Risk Analysis, Emergency Access Management, Process Control & Business Role Management.
- Advanced knowledge of SAP Security configuration in the following areas: S/4 HANA, ECC (HCM/FICO), CRM, BW/BOBJ, BODS, Solution Manager, GRC, Fiori, HANA Database, JAVA.
- Expert with SOX ITGC audits and working with compliance, internal and external auditor teams.
- Excellent written and verbal communication skills.
- Strong understanding of audit and documentation requirements.
- Strong understanding of control environment impacts related to cloud applications.
Company: Costco Wholesale
Vacancy Type: Full Time
Job Location: Chico, CA, US
Application Deadline: N/A