SAP Security Technical Lead

Job Locations: GR-Athens
ID: 2024-11638
Category: Information Technology
Position Type: Employee
Telecommute: No

Position Summary

The SAP Security Technical Lead will provide hands-on leadership in defining and executing the programs, projects, and day-to-day operational responsibilities in delivery of SAP Security services for ITT’s global enterprise. This is a new role in the organization within ITT’s Corporate SAP Center of Excellence (CoE), reporting to the IT Director, Business Applications.

As the Technical Lead for SAP Security, you will play a pivotal role in ensuring the security, compliance (SOX), and standardization of SAP processes and system configurations across our diverse enterprise. SOX is a vital component of our corporate governance, aimed at maintaining the integrity of financial reporting. In this position, you will own the strategic/operational roadmap and action plans for managing SAP Security and Auditing services, harmonizing configurations, processes, roles, profiles, and security policies to enhance the efficiency and security of our SAP landscape.

This person will play a pivotal role across the organization and for this reason he/she will be expected to have a deep technical background in the SAP Security area, Audit procedures (Sarbanes-Oxley/SOX compliance) and GRC management, as well as excellent communication and collaboration skills to bridge the internal needs of the various internal IT organizations with the outsourced Security services. This individual is expected to be an expert in all the SAP Security and Audit requirements and their respective obligations to ensure SOX compliance, guiding the ITT business units and external contractors in the maintenance, improvement, and growth of all the ITT SAP systems.

For a person to be successful in this role, they will need to be highly driven (“high motor”), able to balance many active priorities, detail oriented, planful, comfortable in searching out and addressing ambiguity, able to consistently deliver results to achieve intended business outcomes, able to persist with a naturally curious and highly accountable mindset, and able to approach situations in a thoughtful and process-oriented manner.

The person in this role will be a key team member entrusted to manage our outsourced Security services and provide hands-on assistance, should the need arise, to ensure services are delivered in alignment with contractual agreements, business expectations and audit requirements. Additionally, this person will work with their teammates and functional owners to ensure IT service delivery is effectively and efficiently executed. For net new ERP / business systems modernization efforts, you will work to establish thoughtful plans, risk assessments, and implementation plans. This role comes with an enormous opportunity to gain experience professionally, functionally, technically, and personally in an efficient and collaborative team atmosphere with global reach.

Essential Responsibilities

    • Act as the central point of contact for all additional efforts requiring Security services; evaluate needs and provide options/recommendations to address the needs, including internal planning, SOW scoping, etc.
    • Advocate for the needs of the end users and IT teams as they aspire to provide a premier level of service for all our business units.
    • Working with our SAP Security service provider, proactively assess landscape health and make recommendations to improve security posture and performance; develop and lead the execution of those plans to improve and ensure ongoing environment health.
    • Guide and/or validate the external SAP Security team in the maintenance, improvement, and expansion of all the ITT SAP systems.
    • Effectively integrate SAP security controls into the business environment to achieve expected business results.
    • Independently drive issue resolution coordinating with all parties as needed to drive results.
    • Apply best practice business processes and technical alternatives while operating in a rapidly changing business environment.
    • Validate that the third-party Basis service provider is conducting periodic tasks with regularity and high quality.
    • Own all planning, coordination, and execution activities for all business units across all SAP instances globally.
    • Develop and execute a comprehensive SAP Security and Auditing strategy aligned with the organization's goals and industry best practices.
    • Collaborate with cross-functional teams to ensure security and auditing requirements are integrated into SAP implementations and upgrades.
    • Collaborate with internal audit teams to design and implement effective SOX controls related to SAP systems.
    • Periodically assess the design and operating effectiveness of these controls to ensure compliance with SOX requirements; this includes the execution of periodic self-assessment activities aligned with ITT’s SOX controls structure.
    • Identify and evaluate risks associated with SAP security and access controls that could impact financial reporting or meeting obligations for effective controls; develop and implement mitigation strategies to address identified risks.
    • Maintain comprehensive documentation of SAP security controls and access policies.
    • Plan and execute periodic testing procedures to assess the effectiveness of controls, including user access reviews, segregation of duties (SoD) analysis, and security configuration reviews.
    • Prepare and present SOX audit findings and reports to management and external auditors.
    • Establish and maintain a roadmap for continuous improvement in SAP security and auditing practices.
    • Collaborate with business and IT teams to address control deficiencies and implement corrective actions in a timely manner.
    • Establish mechanisms for continuous monitoring of SAP security controls to detect and respond to deviations promptly.
    • Implement automated tools and solutions to streamline monitoring processes.
    • Oversee the day-to-day operations of SAP security administration, access control, and auditing activities.
    • Communicate the status of SOX compliance efforts to relevant stakeholders.
    • Provide guidance and training to SAP administrators and end-users on SOX-related requirements and controls.
    • Monitor and respond to security incidents, conduct risk assessments, and implement mitigation strategies.
    • Standardize SAP security configurations, access controls, and audit processes across multiple SAP instances and landscapes.
    • Ensure compliance with industry regulations and internal policies, conducting audits and assessments as required.
    • Collaborate with IT teams, business units, and external partners to align SAP security and auditing initiatives with business needs.
    • Communicate security risks, issues, and solutions effectively to technical and non-technical stakeholders.
    • Provide Security coordination, support, and assistance to the SAP Applications teams.
    • Security Incident management and resolution.
    • Able to design and support roles for FIORI applications.
    • Work with third party service providers to escalate issues and seek root cause.
    • Work on the root cause analysis and institute processes and corrective actions to prevent repetitive issues from occurring.
    • Lead SAP Security & Audit coordination, support, and assistance to the SAP Applications teams along with ITT’s external Security service provider.
    • Plan, coordinate, and lead all activities with external Security support, SAP Functional Analysts (internal/external) and Technical/Development teams (internal/external) to support the design, build, and implementation of various SAP integrated solutions.
    • Participate in all projects related to the further adoption (site consolidation/migrations) and modernization (Suite on HANA and S/4HANA) of ITT’s strategy as it relates to our continued investment in SAP, on premise and in the cloud.
    • Lead efforts related to SAP implementation, upgrades and migrations to S/4 HANA, Suite on HANA, cloud integration, and cloud migrations for the relevant domains you are responsible for.
    • Work with third party SAP Security provider(s), OEM publishers and third-party support to escalate issues and seek root cause; perform root cause analysis and institute processes / corrective actions to prevent repetitive issues from occurring.
    • Define, lead, and execute a roadmap to standardize processes, security roles, profiles, auditing practices, tools configurations, automations, etc.
    • Due to the critical nature of this role, on-call support will be required should there be a critical issue impacting business operations.
    • Define and lead all activities to standardize service delivery across all of ITT’s SAP landscapes.
    • Identify and execute opportunities that create operational efficiencies (automation, shift-left, etc.).

Position Requirements

      • Bachelor’s Degree (preferably in Business or Computer Science); MBA a plus
      • Extensive experience (8+ years) in SAP security; proven track record in large, complex organizations.
      • 5+ years SOX related SAP experience with audits and related processes
      • Excellent knowledge of SAP Basis best practices and methodologies.
      • Proficiency in SAP security role design, user provisioning, and compliance reporting
      • Experience within a large multi-national organization with a diverse set of personnel from multiple regions and countries.
      • Strong client-driven mindset and be willing to extend themselves to collaborate across teams, geographies, and time zones in an effective and efficient manner.
      • Ability to identify improvements in existing roles and redesign / rebuild as per industry standards.
      • Experienced in automating repetitive security tasks to eliminate redundancy and reduce turnaround time.
      • Experience in migrating organizations from ECC 6.0 to S/4HANA
      • Experienced with security setup for S/4 HANA, BTP
      • In-depth knowledge of SAP security best practices, including SAP GRC (Governance, Risk, and Compliance) solutions.
      • Confident initiative-taker who is driven and results-oriented
      • Project management skills to coordinate SOX compliance activities, prioritize tasks, and meet reporting deadlines.
      • Strong documentation skills to maintain detailed records of control design, assessments, and testing results.
      • Familiarity with automated testing tools and data analytics for SOX testing.
      • Demonstrated experience in planning and executing control tests.
      • Ability to configure and maintain SAP GRC tools to support SOX control objectives.
      • Experience with SAP security tools and technologies, such as SAP Security Administrator, SAP Identity Management, and SAP Fiori.
      • Must have knowledge to support different SAP releases:
            • S4H/Suite on Hana
            • ECC 6.0
            • SAP 4.0b
            • SAP 4.6C
            • Fiori/Gateway
            • PI
            • BW/BO
      • Strong background in SAP security and SAP Audit best practice and methodologies:
            • Management of SAP Security roles and profile
            • Capability to redesign the SAP roles and standardize the approach across differing business units and landscapes.
            • Management of all the Audit procedures and best practices
            • Knowledge of the Sarbanes-Oxley/SOX regulation and procedures
            • Knowledge of Controlled data
            • Management of CPGRC
            • SSO Single Sign On logic and configuration
            • Solman & EWA Reporting & Improvements suggested by EWA.
      • Knowledge of SAP Solution Manager, ASAP methodology and SAP Best Practices are a major plus.
      • Experience with transport and governance such as CPGRC
      • Strong organizational skills
      • Excellent communication skills, written and verbal.
      • Proficiency in the English language is a necessity.
      • Strong interpersonal skills
      • Must be able to work independently as well as in a team, and to manage own workload.
      • Able to balance competing priorities and work under tight deadlines.
      • ITIL, Six Sigma, and PMI certification a plus
      • Experience working in a SOX-compliant environment.
      • Previous experience leading the integration of acquired companies is required
      • Previous experience leading the separation of divested companies is a plus.
      • Strong affection for developing and implementing repeatable processes; continually assesses and improves.
      • Strong ability to trust but verify various aspects of IT service delivery and planned efforts.
      • Travel is project based, but generally no more than 10% to 15%

Additional Attributes

      • Leverage a consultative approach in conjunction with their technical skills and SAP solution expertise
      • Maintains high ethical standards and works by a strong moral compass. Keeps their word and follows through on commitments. Honest, credible, and trustworthy.
      • Continuous improvement mindset; always curious and open minded.
      • Effectively examines events, issues and problems and determines implications, isolating root causes and ensuring they are solving whole problems rather than simply addressing symptoms.
      • Works to prepare the organization for the future by maintaining a strategic perspective on the business. Identify information critical to long-range planning.
      • Adept at building relationships across the enterprise through collaboration, teaming, consensus building and interpersonal effectiveness. Positive influencing skills, able to interact with professionals in various functional areas to resolve issues throughout the organization and to mesh complex technology concepts with needs from company-wide constituents. An experienced manager and motivator of teams.
      • Effectively conveys ideas and messages formally and informally. Delivers clear, concise, accurate, articulate, and persuasive written/oral messages, supplying supporting facts, as necessary. Adept at tailoring communication to different audiences. Demonstrated ability to prepare reports, documentation, and other written information thoroughly and completely.
      • Effectively manages multiple tasks to complete complex projects. Highly organized, efficient, and able to define objectives, sequence, timeline, interdependencies and contingencies for projects or initiatives, maximizing time and resources and overcoming obstacles.
