Be an early applicantLess than 25 applicants
Costco IT · 3 days ago
Security Analyst - SAP
Seattle, WA
Full-time
Hybrid
Senior Level
$125K/yr - $165K/yr
7+ years exp
Wonder how qualified you are to the job?
Maximize your interview chancesIT Services and IT Consulting
Insider Connection @Costco IT
Responsibilities
Provides security and technical expertise to support the development of security objects to satisfy business requirements.
Analyzes and administers security policies to control physical and virtual system access.
Identifies and investigates security issues and develops security solutions that address compliance requirements that can/do impact security.
Identifies, develops, and implements mechanisms to detect security incidents in order to enhance compliance and support of the security standards and procedures.
Assesses business role requirements, reviews authorization roles, and supports authorizations.
Demonstrates a comprehensive skill set with testing authorizations for multiple environments and coordinates testing with business/technical users.
Validates system configurations to ensure the safety of information systems assets and protects information systems from intentional or inadvertent access or destruction.
Implements best practice when applying knowledge of information systems security standards/practices (e.g. access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
Identifies security gaps that expose Costco to potential exploit and develop short and long term prioritized remediation to address those gaps.
Determines strategy and protocol for network behavior, analysis techniques, and tool implementation.
Creates dashboards, configures alerts, implements and supports security software platforms, and monitors tools/apps.
Identifies opportunities for streamlining, and increasing effectiveness through continuous process improvement.
Implements practices, processes, and procedures consistent with Costco's information security policy and IT standards.
Develops and documents security events and incident handling procedures into Playbooks.
Ensures that incident documentation is comprehensive, accurate, and complete.
Triages, prioritizes, investigates, and coordinates security events and incident handling activities.
Creates and/or remediates GITC (General IT Controls) in support of meeting audit objectives for all SAP modules, and their supporting Databases, within the Costco SAP landscape (i.e. Finance, Retail, Warehouse Management, Payroll, Oracle, HANA, etc.).
Designs IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls.
Assists with the creation of effective remediation solutions and/or exception documentation where applicable.
Serves as the subject matter expert and point of contact to Internal and External Auditors.
Assists project teams with creation and implementation of IT controls objectives and integration into SAP-GRC.
Assists with the successful completion of the quarterly UAR (User Access Review) audit process.
Collaborates with Internal Audit in developing, testing, and devising solutions to effectively meet applicable IT control objectives.
Takes responsibility for continued personal growth in the areas of technology, business knowledge, Costco policies, and platforms.
Participates in team activities and team planning in regards to improving team skills, awareness, and quality of work.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
Minimum of 7 years of experience of SAP GRC Access 10.0 and or 12.0 with expertise using the following modules: Account Request Management (ARM), Access Risk Analysis (ARA), Emergency Access Management (EAM), User Access Review (UAR), Process Control (PC), SAP ETD
Minimum of 5 years work experience in IT Risk Management, SOX compliance, and/or auditing with a strong background in IT controls
Minimum of 5 years of experience with SAP Security across various applications including but not limited to S/4 HANA, ECC, BW, MDG, Fiori, PI/PO, eWM, and Solution Manager
Understanding of SAP cloud security
Minimum of 5 years of experience with SOD conflict resolution
Strong understanding of Sarbanes-Oxley (SOX) and other compliance requirements that may impact SAP Security
Expertise in working with Internal and External auditors
Experience developing security solutions that address Sarbanes-Oxley requirements
Ability to effectively mentor less experienced team members on SAP compliance
Experience in successful project implementation and follow-up
Strong conceptual, analytical, problem-solving, troubleshooting, and resolution skills
Ability to monitor and manage the progress of tasks and work independently
Ability to design, develop, and maintain SAP user management and security architecture across SAP environments. This includes hands-on role design and build across a number of complex SAP applications and databases
Strong time management skills
Good decision-making skills
Available for 24x7 on call rotational support
Preferred
Bachelor’s degree in Accounting, Business, Information Technology, or Computer Science preferred
Documentation and presentation skills catered to a diverse technical and business audience
Technical knowledge of SAP landscapes and roadmaps
Benefits
Paid time off
Health benefits - medical/dental/vision/hearing aid/pharmacy/behavioral health/employee assistance
Health care reimbursement account
Dependent care assistance plan
Short-term disability and long-term disability insurance
AD&D insurance
Life insurance
401(k)
Stock purchase plan
Company
Costco IT
Costco IT is responsible for the technical future of Costco Wholesale, the third largest retailer in the world with wholesale operations in twelve countries.
1,001-5,000 employees
Funding
Current Stage
Late StageCompany data provided by crunchbase
