Description & Requirements
We are seeking a SAP GRC (Governance, Risk, and Compliance) Implementation Team Lead to join our team supporting an Internal Revenue Service (IRS) client.
As SAP GRC Implementation Team Lead the candidate will play an integral role in engaging with business stakeholders, including IT teams, system integration and audit teams, to design and develop the system landscape strategy for SAP systems. Will lead the security strategy, design, and implementation for SAP programs or projects.
- Identify risks, threats, and vulnerabilities that may impact the overall security of SAP systems.
- Maintain documentation of the implemented security design and associated role assignment strategy.
- Lead and manage a team of GRC specialists and work to ensure effective GRC operations.
- Apply deep technical expertise in SAP S/4 HANA and Fiori security.
- Design and develop SAP GRC Access Control suite of programs, including user provisioning, segregation of duty management, emergency access, and role management.
- Work with functional / ABAP development teams and ensure that security designs meet functional and technical requirements.
- Get Sign off from Business and complete the Build and Test for security/GRC accordingly.
- Migrate and manage user roles and permissions in S4/HANA Environment and maintain the Governance Risk and Compliance (GRC) modules.
- Perform Segregation of Duties (SOD) analysis and manage the SOD risk remediation process; continually monitor production environments for security violations.
- Coordinate GRC audits, liaising with internal and external auditors as required.
- Setup GRC User Access Management Process to monitor key business processes.
- Create deliverable materials for a range of recipients including technical teams, business teams, project leads and executives.
Position is remote within US.
*Position is contingent on contract award.
Project Specific Qualifications:
- Bachelor's Degree in Information Technology or related field from an accredited college or university required; an additional four (4) years of related work experience can substitute for a degree.
- At least ten (10) years of relevant experience required.
- Prior experience leading a team.
- Experienced in S/4HANA GRC roadmap and associated mappings.
- Deep understanding of the SAP authorization concept and the role-based access control model.
- Experience in SAP GRC Access Controls Suite / Process Controls Suite.
- Experience with implementation of mitigation controls for Segregation of Duties (SOD) violations and remediation.
- Experience in risk assessments and audits related to all products and functions FICO/AM/Procurement/ Payroll, BPS/BW-BO/BASIS and Fiori.
- Excellent communication and interpersonal skills.
- Ability to interface with all levels of management.
- Excellent time management, scheduling and organizational skills.
Preferred experience:
- Current IRS Minimum Background Investigation (MBI).
- Knowledge of IRS business systems and data.
- Experience with Scaled Agile Framework (SAFe) methodology, including Scrum or Kanban processes.
- SAP certification in relevant modules.
Additional requirements as per Contract/Client:
- Candidates must meet requirements to obtain and maintain Moderate Risk MBI.
- Candidates must be a US Citizen or a Legal Permanent Resident (Green Card status) for at least three (3) years, and Federal Tax compliant
Essential Duties and Responsibilities:
- Lead the design, development, engineering, and implementation of application solutions that meet security requirements.
- Lead the collaboration with cybersecurity contacts and/or clients to triage, document, and address application security vulnerabilities.
- Design and implement role-based access control architecture and Segregation of Duties (SOD) protocol.
- Communicate solutions and updates to senior leadership, which may include clients.
- May support Authority-to-Operate (ATO) process.
Minimum Requirements
Minimum Requirements:
- Typically has a University Degree (BA/BS) or equivalent experience and minimum 7 years of related work experience.
EEO Statement
Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We're proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.
Pay Transparency
Maximus compensation is based on various factors including but not limited to job location, a candidate's education, training, experience, expected quality and quantity of work, required travel (if any), external market and internal value analysis including seniority and merit systems, as well as internal pay alignment. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.