Apply on Employer Site

Boeing · 16 hours ago

Senior SAP Security Analyst

Seal Beach, CA

Full-time

Onsite

Mid, Senior Level

$129K/yr - $187K/yr

5+ years exp

Boeing is a leading company in the aerospace sector, committed to innovation and collaboration. They are seeking a Senior SAP Security Analyst to enhance their SAP Security program, focusing on compliance and security controls within complex SAP environments.

AerospaceIndustrial

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Lead design, implementation, and operation of SAP security controls across SAP Enterprise Resource Planning Central Component (ECC) and S/4HANA environments, including role design, role mining, and role optimization

Provide expert guidance on RBAC and ABAC configuration for S/4HANA, Master Data Governance (MDG), SAP Global Trade Services (GTS), Business Warehouse (BW), HANA Database environments, and custom ABAP developments, review transportation and change controls for security impact

Ensure SAP RBAC and ABAC support export control data handling International Trade Arms and Regulations (ITAR), U.S. Export Administration Regulations (EAR), United Kingdom Ministry of Defense regulations (UK MOD) and program-specific access restrictions

Assist with attestation and evidence collection for internal audit, external auditors, Global Trade Compliance (GTC) reviews, and Sarbanes-Oxley Act (SOX) compliance reviews

Understand legal privacy requirements managing Personally Identifiable Information (PII) and General Data Protection Regulation (GDPR) requirements and how to apply appropriate security controls

Understand enterprise policies and processes and apply to SAP application RBAC and ABAC controls

Enforce, and continuously improve Segregation of Duties (SoD) rules and remediate violations in partnership with business process owners

Implement and manage privileged access controls, including privileged account discovery, monitoring, and logging

Drive security risk assessments, perform access reviews and attestations, and report compliance status to internal audit and external regulators

Stay current with SAP security best practices and help deploy roadmap items such as S/4HANA security hardening, Fiori security, and cloud or Software as a Service (SaaS) integration

Mentor, coach, and identify development opportunities for a team of SAP security analysts

Support incident response, investigate potential access breaches, and lead post-incident reviews

Document processes, update runbooks, standardize security implementation methodology and develop implementation playbook, and develop quick reference guides for user self-service

Qualification

SAP SecuritySAP GRCRole-Based Access ControlSAP S/4HANAFioriSOX ComplianceCross-Functional Team LeadershipIdentity ProvisioningUser Lifecycle ManagementTechnical Issue ResolutionSecurity Risk AssessmentMentoringDocumentation

Required

5 + years of experience with SAP Security and/or SAP GRC

5+ years of experience in Role Based Access Control (RBAC) leveraging Panorama

5+ years of experience with SAP S/4HANA, and ERP operational processes

5+ years of Fiori experience

5+ years of experience in SOX, SOX audits, process improvements, and policy creation

5+ years of experience with cross-functional teams, involving key stakeholder relationship management

Preferred

Bachelor's degree or equivalent work or military experience

Active government clearance (e.g., Secret, Top Secret)

Certifications such as SAP Certified Technology Associate/Professional in security topics, Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Identity and access management (IAM) related

Experience working for aerospace manufacturers, defense contractors, or on Department of Defense (DoD)/Federal Aviation Administration (FAA) programs

Experience with export control handling in SAP (data tagging, filtered views, master data partitioning)

Experience with NextLabs Data Access Enforcer, Format Preserving Encryption, and Dynamic Data Masking

Experience with SAP GRC Access Control (access risk analysis, business role management, emergency access management)

Experience building SharePoint site to document Security process, procedures, project playbooks, and quick reference guides to be consumed by project teams and end users