Sr. Information Security Analyst ERP Systems (SAP and JD Edwards)

$116,700 - $194,500/Yr

McKesson - Irving, TX

posted 4 months ago

Full-time - Mid Level
Irving, TX
1-10 employees
Merchant Wholesalers, Nondurable Goods

About the position

This position is for a Senior Information Security Analyst focused on supporting JD Edwards and SAP Security & Compliance at McKesson, a Fortune 10 company that plays a crucial role in healthcare. The primary responsibility of this role is to provide security administration, design, and improvement initiatives for these ERP systems. The individual will be tasked with ensuring that security measures align with McKesson's business processes and organizational structure while adhering to all security and architectural mandates. This role requires close collaboration with various teams, including McKesson Shared Services, Cybersecurity, and compliance and audit teams, emphasizing the need for strong leadership and technical competence. The Senior Information Security Analyst will act as a subject matter expert for security and compliance on JD Edwards E1 and SAP systems, including ECC, S4, GRC, Access Control, Process Control, and ETD. Responsibilities include identifying gaps in current security implementations, expanding security capabilities, and updating Master Data such as Roles/Entitlements and Security Configuration. The analyst will also provide oversight for projects requiring security access and compliance support, deliver training to other security team members, and ensure that all defined service levels and performance objectives are met. In addition, the role involves developing and managing security strategies, role design and implementation, access provisioning, and user maintenance. The analyst will coordinate security designs with various business units and cybersecurity teams, analyze security requirements, and recommend measures to protect information from unauthorized access. The position also supports SOX compliance by adhering to controls and procedures, conducting security assessments, and driving improvement initiatives within the Security & Compliance area. The ideal candidate will have a proven track record in security administration, particularly with SAP and JD Edwards systems, and will be adept at collaborating with technical and functional teams to ensure the success of security solutions.

Responsibilities

  • Act as a subject matter expert for security and compliance on JD Edwards E1 and SAP systems (ECC, S4, GRC, Access Control, Process Control, ETD and others)
  • Identify gaps and improvements in the current security implementation
  • Expand security capabilities to take full advantage of the JDE and SAP security tools available
  • Update and implement Master Data such as Roles/Entitlements, Role Owners, SOD rules changes, Security Configuration, threat patterns etc.
  • Provide subject matter expertise and oversight as needed for projects requiring security access and compliance support
  • Provide training to other security team members on security services activities and domain knowledge
  • Support the ongoing security service for JDE and SAP and JDE Security through meeting all defined service levels and defined performance objectives
  • Expand automated processes and workflows to deliver on business projects
  • Develop and manage security strategy
  • Design and implement roles
  • Provision and de-provision user access
  • Manage identity life cycle and user maintenance
  • Lead the implementation of security architecture
  • Convey a strategic vision and end state design for interrelated business and security processes
  • Coordinate all security designs with various Business Units and Cybersecurity teams
  • Analyze and implement security requirements
  • Recommend and develop security measures to protect information against unauthorized modification or loss
  • Work closely with both technical and functional teams to ensure the success of the overall security solution
  • Serve as Security subject matter expert and provide advisory and consulting services as needed
  • Collaborate with application teams, administration teams, and business partners to design and implement technical security solutions on JDE, SAP, and associated bolt-on applications
  • Support SOX Compliance through adherence to, and delivery of SOX controls and procedures
  • Support compliance initiatives, and audits both internal and external
  • Support recurring security assessments and access reviews
  • Provide ideas for improvement initiatives and self-manage through improvement projects

Requirements

  • 7+ years relevant security administration experience
  • At least 2 full implementations of security on SAP and JD Edwards systems
  • Experience with different scripting / programming languages to expand automation and capabilities
  • Expertise in OWM security and menu
  • JDE E1 security design and user maintenance
  • At least 3 years experience in SAP GRC Access Control & Process Control
  • At least 3 years experience with SAP ETD administration and maintenance; implementation of Threat Patterns including design, alerts, fraud detection and user Behavioral analysis, and response planning
  • Proficient in IT general controls, SOC and SOX requirements as they relate to security administration
  • Proficient in ERP security principles, technologies and solutions, delivering functionality and services on time, on budget and to meet business needs
  • Audit testing & evidence collection
  • HANA DB Security
  • SAP NextGen S4 Hana
  • Progressively responsible experience in designing, implementing, and maintaining application Security
  • Deep knowledge of application security, capabilities, and limitations
  • Proficient in reducing the attack surface and hardening ERP system security
  • Technical knowledge of security architecture and role-based authorization models
  • Proven success on multiple, enterprise-scale implementation projects or services

Nice-to-haves

  • Experience with integration of SAP and JD Edwards security administration with Identity Management platforms
  • Strong, proven problem-solving skills and ability to identify, analyze, and resolve problems
  • Proficient in analyzing requirements, resource estimation, and allocation
  • Excellent in team leadership and team-based problem-solving skills
  • Excellent interpersonal and oral, written communication skills
  • Ability to translate complex technical information across all levels of the organization
  • Ability to self-manage on tasks and mini-projects or improvement efforts
  • Strong facilitation skills and a clear ability to build strong relationships with business partners at all levels
  • Demonstrated ability to translate business drivers and priorities into security design, policies, and procedures
  • Results driven, and able to collaborate with management and colleagues to share the responsibilities for achieving an end-to-end solution for customers
  • Strong attention to detail which ensures that customer requirements are met and that a high quality standard is achieved
  • Provide technical perspectives to other architecture functions to ensure that solutions effectively leverage infrastructure capabilities and services and integrate with them
  • Must have excellent initiative, organization, and customer service skills

Benefits

  • Competitive compensation package including base pay and potential bonuses
  • Annual bonus or long-term incentive opportunities
  • Health, happiness, and well-being focus for employees
  • Diverse and inclusive work environment

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service