Share this Job

Senior SAP Security Analyst - Atlanta

Atlanta, GA, US, 30328

Oldcastle Infrastructure
IPG - Atlanta HQ



Job ID:  428739



Oldcastle Infrastructure, a CRH company, is the leading manufacturer of precast concrete, polymer concrete, and plastic products in the United States. Our products range from utility vaults, reinforced concrete pipe, catch basins, drainage and septic tanks, to retaining walls, storm shelters, wall panels, concrete barriers, a variety of prestressed concrete products and more.   With more than 80 locations nationwide and 3,000 plus employees, Oldcastle Infrastructure is committed to upholding core values of reliability, quality, and service in cutting edge ways.


Job Description Summary


Oldcastle Infrastructure is looking for Senior SAP Security Analyst. He/She will be responsible for architecting, implementing, and maintaining SAP Security access and user access controls for all the SAP instances of the company. This position will work closely with the SAP functional teams and the system integration partner in architecting, designing, implementing, and governing the SAP security framework for a large business process transformation program involving an S4 implementation. The senior analyst will also work with the Internal Audit, Risk, and Compliance teams to ensure the internal and external audit requirements are met.


Essential Duties and Responsibilities


  • Design, manage and deploy a global SAP security model.

  • Develop a centralized process for SAP security role maintenance and administration.

  • Develop and maintain the centralized GRC rule sets, workflows, and approvers for user provisioning /de-provisioning, authentication/authorization/emergency access, and access recertification based on business needs, industry best practices, and regulatory requirements.

  • Review the business blueprint, functional specifications for SAP security role development, authorization, and user acceptance test plans and participate in cutover activities during go-live phases.

  • Design, Implement, document, and maintain IT general controls relative to new and modified business and IT processes.

  • Administration and provisioning of security roles for SAP and non-SAP applications that integrate with the SAP instances.

  • Conduct detailed analysis sessions with end-users and business SMEs.

  • Ensure that the security roles are appropriately assigned to users and tested thoroughly before deployment.

  • Evaluate business risks associated with security role design, implement appropriate controls to address those risks, and provide recommendations on ways to simplify and streamline the security design.

  • Identify role owners and automate the role and user provisioning processes.

  • Perform user access review and provide analysis for internal and external auditors as required.

  • Work as a member of a project team to coordinate the development and determine project scope and limitations

  • Monitor, report, and remediate elevated role provisioning to ensure unauthorized access removal for live production

  • Ensure role provisioning and user access privileges comply with company security policies and SOX regulations.


Required Skills/Education


  • 10+ years of experience in application security

  • Thorough understanding of the SAP Authorization concept and the role-based access control model.

  • Knowledge of information security frameworks, methodologies, policies, standards, and best practices.

  • Knowledge of identity and access management tools and processes

  • Thorough understanding of SoX ITGC controls

  • Knowledge of IT risk management – NIST RMF

  • Ability to assess business role requirements, design authorization roles, and manage supporting authorizations.

  • Ability to speak to infrastructure-level security concerns and to work with the technical team to ensure such concerns are addressed.

  • Ability to provide guidance and direction to SAP technical and non-technical staff as well as Internal Audit key stakeholders on SAP security frameworks and processes

  • Demonstrated experience managing customer-facing, strategic projects as well as Application Development projects.

  • Strong conceptual, analytical, problem-solving, troubleshooting, and resolution skills.

  • Ability to work in a collaborative team environment with individuals at appropriate levels of the company.

  • Bachelor's Degree or equivalent in Computers, Information Technology, or related field.


Preferred Skills


  • Experience implementing and utilizing GRC security tool

  • SAP security administration

  • Experience in working with vendor and consulting teams.


What CRH Offers You


  • Highly competitive base pay
  • Comprehensive medical, dental and disability benefits programs
  • Group retirement savings program
  • Health and wellness programs
  • A culture that values opportunity for growth, development, and internal promotion



About CRH


CRH has a long and proud heritage. We are a collection of hundreds of family businesses, regional companies and large enterprises that together form the CRH family. CRH operates in a decentralized, diversified structure that allows you to work in a small company environment while having the career opportunities of large international organization.


If you’re up for a rewarding challenge, we invite you to take the first step and apply today! Once you click apply now, you will be brought to our official employment application. Please complete your online profile and it will be sent to the hiring manager. Our system allows you to view and track your status 24 hours a day. Thank you for your interest!


Oldcastle Infrastructure, a CRH Company, is an Affirmative Action and Equal Opportunity Employer.


EOE/Vet/Disability--If you want to know more, please click on this link




Date Posted:  Aug 9, 2022

Nearest Major Market: Atlanta

Job Segment: Application Developer, Consulting, SAP, Information Security, ERP, Technology