Job Description

Job Summary
Strategy

• Understand the SAP security product roadmap across the full SAP portfolio and to navigate through upcoming changes, take advantage of new design features and identify any compatibility challenges.

Business

• Understand the functional nature of the Businesses and the access required to support those businesses, including technology and operations users.

Processes

• Understand the banks Identity Access Management Policies and Processes and ensure the SAP landscape is aligned to these, with challenges identified and mitigated.

People & Talent

• Work within a team of SAP Certified Security Consultants and mentor more junior members

Risk Management

• Continuous Governance of defined control processes and maintaining quality deliverables that can be provided as evidence of compliance to process

Governance

• Experience across on-premise, hybrid and SaaS applications and understanding of Cloud Governance challenges
• Experience in SAP landscape with focus on audit compliance and governance of access control across a complicated landscape including S/4 Hana, ABAP and Fiori security roles and ABAP programs, Hana databases. Additional experience in SAP Disclosure Manager, SAP PAPM, Group reporting solutions is an advantage
• Expert Knowledge of GRC Access Control suite is desired with hands on experience in Access Request Analysis (ARA), Access Request management (ARM), Business Role Management (BRM) and Emergency Access Management (EAM)
• Pro-actively identify cybersecurity risks across the portfolio and review access controls with reference to external audit best practice and SAP Best practice

Key Responsibilities
Regulatory & Business Conduct

• Display exemplary conduct and live by the Group's Values and Code of Conduct.
• Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
• Effectively and collaboratively identify, escalate, mitigate and resolve risk, conduct and compliance matters.

Key stakeholders

• Internal Project Teams and Change Management Teams in technology and business facing areas
• External Vendors such as SAP and their partners

• SAP ABAP Role Design and Build
• SAP HANA Role Design and Build
• Security Integration
• GRC Access Control
• SAP Identity Access Governance
• Security Design Best Practices

• Security consultant involved in detailed design AND build
• SAP Hana Enterprise Cloud platforms versions with experience in S/4 Hana 2022
• design and create PFCG roles for Fiori front-end access, Front end OData services and ABAP core backend PFCG roles for access (query access / analysis authorisation) and for Authorisations
• Config, implement and maintain GRC Access Control for risk analysis, risk remediation, toxic access workflows, workflow, provisioning. Proven experience managing large number of users in complex landscape

Skills and Experience

• Working knowledge (preferably implementation) of IAG Bridge for managing Cloud applications and integration with GRC access control
• design and create HANA native roles for access to analytical and object privileges
• enabling data access controls for the attributes required by business user
• automation of complex provisioning with SAP components including via SAP GRC
• defining and implementing user stores in IDP to enable SAP SSO
• Provisioning access in project environments and devising solutions to make it efficient
• Implementing Best practice for security elements of integrations
• Must have experience in SAP Hana Database Security Access role build and privileges
• Must have at least ADM950 Secure SAP System Management certification
• Experience in at least 3 of the following is also mandatory
• design and create XSA Role Containers for Scope and Attribute Access
• SAP PAPM module and the security build and design
• SAP Analytics Cloud - managing SaaS application from security perspective, impact assessments, role and team design
• SAP Governance Risk and Control, implementing SOD rules, workflows and
• Experience across on-premise, hybrid and SaaS applications and understanding of Cloud Governance challenges
• Ability to create SECATT, SQVI, LSMW scripts when the situation demands
• Drive adoption of best practices across project teams. Perform low-level quality reviews of design and build of security elements and provide feedback where there are gaps
• Define best practice, implementation, and active governance of production such as emergency access management, support access, Segregation of Duty checks
• Understand the SAP security product roadmap across the full SAP portfolio and to navigate through upcoming changes, take advantage of new design features and identify any compatibility challenges

Qualifications

• Education Degree level
• Training Sap security trainings
• Certifications Adm950 secure sap system management

Our Ideal Candidate

• Excellent hands-on BUILD and DESIGN experience (min 7- 8 years) as an SAP security analyst with exposure to complex, global programmes involving multiple SAP Components as detailed above
• Excellent hands-on experience (min.7-8 years) as a HANA security analyst with participation in minimum 4 end-to-end implementations
• Hands-on experience (min.1 year) as an ABAP consultant
• Hands-on experience in configuration, maintenance and implementation of GRC Access Control and or IAG / IAG Bridge
• Worked in a role that has included role design, build, test governance, and production admin
• Strong communication and interpersonal skills with the ability to mentor and influence others

About Standard Chartered
We're an international bank, nimble enough to act, big enough for impact. For more than 170 years, we've worked to make a positive difference for our clients, communities, and each other. We question the status quo, love a challenge and enjoy finding new opportunities to grow and do better than before. If you're looking for a career with purpose and you want to work for a bank making a difference, we want to hear from you. You can count on us to celebrate your unique talents and we can't wait to see the talents you can bring us.
Our purpose, to drive commerce and prosperity through our unique diversity, together with our brand promise, to be here for good are achieved by how we each live our valued behaviours. When you work with us, you'll see how we value difference and advocate inclusion.
Together we:

• Do the right thing and are assertive, challenge one another, and live with integrity, while putting the client at the heart of what we do
• Never settle, continuously striving to improve and innovate, keeping things simple and learning from doing well, and not so well
• Are better together, we can be ourselves, be inclusive, see more good in others, and work collectively to build for the long term

What we offer
In line with our Fair Pay Charter, we offer a competitive salary and benefits to support your mental, physical, financial and social wellbeing.

• Core bank funding for retirement savings, medical and life insurance, with flexible and voluntary benefits available in some locations.
• Time-off including annual leave, parental/maternity (20 weeks), sabbatical (12 months maximum) and volunteering leave (3 days), along with minimum global standards for annual and public holiday, which is combined to 30 days minimum.
• Flexible working options based around home and office locations, with flexible working patterns.
• Proactive wellbeing support through Unmind, a market-leading digital wellbeing platform, development courses for resilience and other human skills, global Employee Assistance Programme, sick leave, mental health first-aiders and all sorts of self-help toolkits
• A continuous learning culture to support your growth, with opportunities to reskill and upskill and access to physical, virtual and digital learning.
• Being part of an inclusive and values driven organisation, one that embraces and celebrates our unique diversity, across our teams, business functions and geographies - everyone feels respected and can realise their full potential.

37807