Product Security Engineer - SAP

Job Summary:

We are seeking an experienced Product Security Engineer - SAP to join our team. This position will be responsible for security engineering for a variety of SAP applications/modules, including S/4, HANA DB, and other areas. This role will work with the application owners, develop and support security priorities, create and maintain standards and procedures, and provide expertise in the area of SAP and other non-SAP applications as they relate to the security of any SAP instance and iHerb as a whole.

Job Expectations:

The duties encompass security review and consultation of SAP and non-SAP applications that are connecting to SAP instances, assisting in the design and build of security authorizations, ensuring compliance to security policies and procedures, resolving access problems and handling security incidents. This is a cross-functional support role to the organization and will interface within and outside of the Technology department. In this role it is critical to build and maintain internal relationships and external business partners.

• Provides security and technical expertise to support the development of security objects to satisfy business requirements.

• Demonstrates a comprehensive skill set with testing authorizations for multiple environments and coordinates testing with business/technical users.

• Validates system configurations to ensure the safety of information systems assets and protects information systems from intentional or inadvertent access or destruction.

• Implements best practice when applying knowledge of information systems security standards/practices (e.g.access control and system hardening, system audit and log file monitoring, security policies, and incident handling).

• Identifies security gaps that expose iHerb to potential threats, and develop short- and long-term prioritized remediation to address those gaps.

• Identifies and resolves problems often anticipating issues before they occur or before they grow; develops and evaluates options; and implements solutions that support the business.

• Creates dashboards, configures alerts, implements and supports security software platforms, configure and maintain Onapsis for SAP platform and tools, scan, generate vulnerability reports for S4, HANA DB, ABAP custom code, analyze and follow up with SAP teams to implement remediations.

• Understands compliance requirements that may impact security, and works with business areas and project teams to develop security solutions that address these requirements.

• Collaborates with business partners, project teams, and team members to build secure solutions that protects data and enables the business with tools and processes that make sense, and adapt to changing business needs both on-premises, and in the cloud.

• Designs, develops, maintains SAP user management and reviews security architecture across SAP environments.

The duties and responsibilities described above may provide only a partial description of this position. This is not an exhaustive list of all aspects of the job.  Other duties and responsibilities not outlined in this document may be added as necessary or desirable, with or without notice.

Knowledge, Skills, and Abilities:

Required:

• Bachelor’s degree in related field of study or equivalent work-related experience 

• 3-5 years hands on SAP Security experience

• Understanding of SAP security best practices

• Self-motivated, flexible, openness to learn new things, and strong focus on customer needs.

• Ability to work with limited supervision and exhibit a strong sense of urgency.

• Ability to effectively mentor team members.

• Strong time management and decision-making skills.

• Experience in successful project implementations.

• Able to support off hours work as required

#LI-JC1 #LI-REMOTE