Application Security Governance Analyst/Specialist

Multiple Locations
Required Experience: 0 year(s)
Employment Type: Full-Time
Salary Range: Not available
Posted 6 days ago
Job Description
Columbia Sportswear Company, Portland, Oregon, Application Security Governance Analyst/Specialist. Duties: Evaluate security related business processes across enterprise applications for consistency and reliability around compliance, and provide improvement recommendations to management. Liaise between Business Risk Owners and Compliance and Application Security Technical Teams, to ensure application security development aligns with business requirements and compliance standards. Work closely with Change Management Team to ensure proper change control is practiced and documented for application security development and administration. Administer and execute specific IT application controls in accordance with approved control matrix. Work with Compliance Team to ensure mitigating controls are accurately identified and maintained within SAP GRC tool. Administer, configure, and evaluate SAP GRC Tool to ensure reliability, accuracy, and compliance is sustainable and upheld for usage, including maintenance of detailed multi-landscape Custom Ruleset. Coordinate with Technical Basis Team for technical troubleshooting, patching, and upgrades around SAP GRC Tool. Provide training and guidance to 1-4 SAP Security Analysts on compliance methodologies, application control execution techniques, and SAP GRC Tool usage. Education:Bachelor's degree in Computer Science, Electronic Engineering, or related field (foreign equivalent accepted); and Experience: Three years' experience as an SAP Compliance Analyst, SAP Security Analyst, Security Analyst, or similar position. Skills/Requirements: Three years' experience in each of the following: Working for global $2+ Billion annual revenues organization;
Designing and implementing Security on SAP ECC, SAP Solution Manager, and SAP GRC;
Using SAP Solution Manager CHARM for Change Management operations;
Using SAP GRC Access Control ARA, ARM, BRM, and EAM;
Designing and configuring Permission Level Custom Rulesets, configuring and executing Workflow enabled User Access Reviews on SAP GRC and collaborating and educating key business users around SOD concepts to assess existing SOD conflicts and accuracy;
Designing, creating, and applying mitigating controls within SAP GRC;
Maintaining owners within SAP GRC, including Firefighter owners, BRM Roles Owners, and ARA Risk Owners;
Working with Technical Basis Teams, completing a minimum of 4 SAP Support pack installations/Upgrades cycles; including security impact analysis, authorization object updates, and testing;
Creating technical documentation of Application Security Policy and Business Process; and
Cataloguing custom transactions and collaborating with Development Teams to ensure custom reports and transactions in SAP are properly secured with necessary authorization checks.
All experience, skills, and requirements may be gained concurrently. Employer will conduct background check prior to hire. EEO/AA Employer/Vets/Disabled/Race/Ethnicity/Sex/Sexual Orientation/Gender Identity/Age OTS-COL