SAP Security Analyst

Job Title: SAP Security Analyst
Position Reports to: Manager, Applications Security
Employment: Full Time
Location: Manila (Hybrid)
Shift: Midshift (4PM to 1AM) or Nightshift (8PM to 5AM)

External Overview:

FMC Corporation is a leading specialty company focused on agricultural technologies. FMC provides innovative and cost-effective solutions to enhance crop yield and quality by controlling a broad spectrum of insects, weeds and disease, as well as in non-agricultural markets for pest control.
FMC is a globally diverse organization that offers its employees exciting opportunities to work on challenging projects that are important to the achievement of our strategic objectives. Your education and professional experience are valued and put to use from day one. Your success at completing key initiatives can result in a varied, progressive and fulfilling career with FMC.
With a corporate culture of innovation, integrity, responsibility and customer intimacy, we foster “The Right Chemistry” in everything we do. We are looking for people to join us in creating, developing, and improving our products, our processes, and our markets. If you are ready to make a difference every day, FMC is ready to talk to you.

Role Overview:

FMC Corporation is seeking a motivated team member to become part of our Application Security Team. In this role, the SAP Security Consultant is engaged in account administration, application security systems analysis, with a primary focus on SAP systems. In relation to the organization, jobholders work to provide an integrated security program protecting the integrity, confidentiality, and availability of FMC’s information resources on a worldwide basis, by: protecting systems from both unintentional and deliberate access and destruction; communicating with clients to understand their security needs, and implementing processes to accommodate them; ensuring that clients understand and adhere to necessary procedures to maintain security; and weighing business needs against security needs.
Position is distinguished by chararacteristics with respect to five qualification factors:
• Leadership: Strong, visible advocacy of security policies and standards in all interactions.
• Accountability: accountable for accurate analysis and other work, and using established processes and procedures correctly. Limited authority to work outside of defined processes and procedures.
• Direction received: receives substantial direction from manager and senior team members, who largely set priorities.
• Problem solving: develops alternative solutions - identifying root causes, risks, and benefits - to medium-complexity problems.
• Spoken and written communication: writes useful instructions, e-mails and other needed documentation. Participates effectively in groups.

Responsibilities:
• Provide reliable and exceptional support to user base for ERP (SAP S/4, Fiori, HANA, BW, other SAP systems, and SaaS applications)
• Manage SAP Users and Security Roles spanning all relevant SAP technologies
• Manage SAP GRC 12 Access Control functions
• Review SAP roles, documentation and make recommendations to ensure enhanced security.
• Setup SAP audit logging and perform periodic review of logged activity.
• Perform annual SAP licensing administration.
• Liaison with Basis and COE IT support and end users.
• Configure user provisioning in Control Panel \ GRC system and workflow approval process.
• Perform quarterly Information Technology General Controls (ITGCs) for SAP user access reviews.
• Perform quarterly privileged access review in SAP systems.
• Create documentation around processes for provisioning process, conflict management process, and violation mitigation process.
• Manage Firefighter access requests, and review firefighter audit logging.
• Participate in SAP implementation, function integration testing, and periodic regression testing.
• Manage user access change requests through company helpdesk requests.
• Manage process to post credentials to SAP secure area
• Perform Early Watch report analysis, identifying necessary security and system changes.
• Maintain helpdesk resolution within Service Level Agreement (SLA)
• Research and implement SAP security best practice, policy and procedures
• Trouble-shoot SAP system security \ access issues
• Work with team to perform monitoring and continuous SAP Security improvement.
• Handle and maintain access to sensitive and restricted information or data in a confidential and appropriate manner.

Required Education:
• An engineering degree in related field from a reputable college in a technical discipline (Computer Science, Computer Engineering, Electronics, Information Technology) is required.

Qualifications:
• At least five years of information technology experience. Highest value placed on successful experience with technology platforms strategic to FMC; SAP S/4, Fiori, HCM, GTS, BW/4 HANA, SAP CRM, SAP Netweaver Suite, HANA DB, and SAP GRC 12.
• At least five years of progressive experience in multiple aspects of IT security administration and analysis.
• At least five years in positions that provided substantial experience:
a. Setting priorities and accomplishing tasks on time, with requirements often dictated by defined service level agreements.
b. Working on multiple tasks with varying priorities and due dates, i.e. “multitasking”.
c. Learning and using new processes, procedures, technologies, and tools.
d. Working with accuracy and attention to detail.
e. Working effectively on teams.
• SAP GRC Process Controls 12 implementation experience
• Working experience with SAP GRC Access Control 12
• SAP Cloud Identity Access Governance experience
• Experience implementing or operating SAP environments enabled by Fiori Security, and / or SAP HANA DB
• Familiarity with the following concepts: Business roles, Application logging/security reporting, Application vulnerability testing, code reviews
• Strong interpersonal communications skills with a proven track record of collaboration and influence across a diverse audience of business and technical team members.
• Ability to manage small teams that successfully complete large initiatives in addition to smaller ongoing support projects
• Building strong relationships with a variety of third-party providers to deliver the tools and skills needed to fulfill the application security strategy
• Demonstrated experience with role-based access control