Let us introduce you the job offer by EY GDS Poland – a member of the global integrated service delivery center network by EY.

The opportunity

We’re looking for Senior SAP Security Consultant with expertise in Cyber / Information Security concepts, risk and controls concepts. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of a new service offering.

As part of our EY Cyber Technology Consulting team, you would work on various AEET (Architecture Engineering & Emerging Technologies) projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop.

Your key responsibilities

• Engage in Cyber Security Architecture, Strategy & Governance, Cyber Risk & Compliance, Cyber Transformation and Co-Sourcing, Application & Network Security projects/engagements
• Engage in Cloud SAP Security projects
• Execute the engagement requirements and take ownership for the deliverables, along with review of work by junior team members
• Help prepare reports and schedules that will be delivered to clients and other parties
• Develop and maintain productive working relationships with the Clients
• Build strong internal relationships within EY Consulting Services and with other services across the organization
• Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members
• Foster teamwork and lead by example
• Train and mentor other project resources

To qualify for the role, you must have

Hands-on experience of more than 4 years with key components of components of SAP Basis and Security with Cyber Security (but not limited to):

• SAP Basis and Security consultant with experience in SAP Basis System Hardening, SAP Fiori Security and Fiori Architecture, SAP web Dispatcher, Web Application Firewalls and Web Security in General, And SAP Cloud platform.
• Experience with the most important SAP products - SAP S/4HANA, HANA Database, SAP C/4HANA, SAP SuccessFactors, SAP Ariba, SAP Fieldglass, SAP Qualtrics, SAP Concur.
• Application Security (Secure S/4HANA transformation projects beyond re-designing roles & authorizations, Ariba, Concur, SAP EWM, SAP Fieldglass)
• Experience in handling the assessment tools or in manual conduction of SAP Security Audits
• Basic understanding of roles & authorization concepts for S/4HANA, SAP HANA and SAP Fiori.
• Demonstrable experience in Identity & Access Management (IAM) technologies such as Single-Sign-On (SSO), Privileged Access Management and integration with SAP platform.
• Patch management and configuration (Secure Configuration, identify published vulnerabilities, Classify and prioritize vulnerabilities)
• Experience in implementing an SAP SIEM solution like SAP Enterprise Threat Detection (ETD) will be an added advantage
• Basic understanding of security certifications like ISO 27001, SOC, NIST etc.
• Background in security technologies, security architectures, security testing and software development
• Understanding of SAP Security Baseline ABAP / HANA and JAVA systems.
• Exposure to SAP Security Optimization Services & Secure Operations Map
• Strong understanding of Cloud platforms (Microsoft Azure, Amazon AWS, Google Cloud) including hands-on experience with SAP implementation and security hardening on these platforms
• Understanding of security issues, exploitation techniques and remediation measures and ability to implement new attack approaches/ vectors
• Perform threat modelling for applications and prepare reports for clients to highlight risks.
• Knowledge of integrating security tools, standards, and processes into the product life cycle (PLC)
• Improving and supporting application security tool deployments including static analysis and runtime testing tools
• Deep understanding of common application security vulnerabilities
• Demonstrated expertise in application security domain

Ideally, you’ll also have

• Project management skills.
• CISSP, CISA, CISM, CEH, ISO 27001 Lead Auditor and Lead Implementer

What we look for

We’re interested in intellectually curious people with a genuine passion and ability to learn and make their career in the SAP Security, Controls, and SAP GRC domain. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

What we offer

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across six locations – Argentina, China, India, the Philippines, Poland and the UK – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

About EY

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It’s yours to build.