Sr IT Manager, SAP S4 HANA Security & GRC Lead

Additional Locations:  N/A; US-MN-Arden Hills

Diversity - Innovation - Caring - Global Collaboration - Winning Spirit - High Performance

At Boston Scientific, we’ll give you the opportunity to harness all that’s within you by working in teams of diverse and high-performing employees, tackling some of the most important health industry challenges. With access to the latest tools, information and training, we’ll help you in advancing your skills and career. Here, you’ll be supported in progressing – whatever your ambitions.

About the role: 

Magellan is a global business transformation program accompanying a move of our ERP system from SAP ECC to S4 HANA. Magellan’s goal is to simplify, standardize and modernize our core business processes, enabling BSC to better leverage the power of data and to position our business for profitable and sustainable growth. 

The IT Senior Manager, Security & GRC Lead is an accomplished technical leader, proactive customer-focused advocate, and a team player with substantial technology experience across medical devices .  This is a key role, reporting to the Global Director ERP Development & Deployment, collaborating with the Magellan workstreams, strategic integration vendors, BSC BPL, SME, COP teams and stakeholders across the network. 

Your responsibilities include: 

• Supports SAP S4 HANA security of Boston Scientific’s Magellan SAP S4 HANA template for all SAP S4 HANA enterprise systems including S4/HANA, Fiori, GRC, ECC, BW, MDG, Solution Manager, SLT, and PI, etc.
• Makes use of the industry’s best standards from a security design perspective; providing a framework and templates for gathering, analyzing, and managing security configuration requirements, supports key technical strategies, monitors user access, license consumption, and SOX compliance support
• Works closely with internal and external customers to design, document, and implement SAP S4 HANA security and security policies that protect the company
• Manages a team of 1-2 FTEs and 10-12 Consultants 
• Documents SAP Security design and administration processes, creates and updates operational guides, and monitors existing operational guides for consistency and completeness
• Works with business teams to develop implement and improve on existing security controls
• Assures SAP security configuration compliance with standards and SOX controls
• Develops end-users roles and end-user authorities
• Performs segregation of duties and sensitive access analysis during the development/maintenance of roles
• Perform SAP GRC configuration, administration, and maintenance
• Plans and executes client engagements focusing on SAP GRC, SAP security, and audit readiness of SAP environments
• Develops and implements SAP security solutions to protect SAP systems from both internal and external threats
• Works with clients to identify opportunities for improvement in the areas of SAP GRC, SAP security, and SAP controls
• Responsible for delivering three core departmental responsibilities: Segregation of Duties (SoD) Analysis, GRC Administrator, and SAP Application security and user Provisioning Support
• Manage SAP GRC 12 Access Control and Process Control configuration and functions
• Partner with business units and Internal Audit to ensure proper separation of duties among roles and responsibilities set per role and environment
• Maintain documentation on Roles, GRC, Fiori and separation of duties
• Assist with IT audit functions relating to identity and access management
• Documentation updates including SOPs, Work Instructions and Knowledge articles
• Support proposal and business development activities by assisting in the identification of new target clients, building business relationships with key executives and developing/presenting proposals

What we’re looking for: 

• Bachelors Degree
• Minimum 15 years of recent experience in any of the following areas: SAP audit, SAP controls, SAP security design/re-design, SAP GRC implementation
• Minimum 15 years of SAP security experience on SAP HANA security
• Minimum of 10 years of work experience in IT Risk Management, SOX compliance, and/or auditing with a strong background in IT controls
• The candidate must have hands-on experience with enterprise-level software development, integration, and implementation of specified technological areas, which includes knowledge of applicable processes, methodologies, standards, products, and frameworks
• The candidate should have an advanced understanding of SAP products/components expert of SAP Security Concepts and demonstrate full technical competence
• In-depth SAP security, HANA Security, Fiori security & GRC knowledge, and architecture skill
• Experience with configuration of GRC module (ARA, ARM, EAM, BRM) with configuration parameters, workflow and data source, and workflow tasks
• Strong knowledge and understanding of SAP Technologies and Methodologies Expert in Detailed Planning & Blueprinting of Security Implementations should understand advanced security areas like identity theft, data security breaches, data leakages cloud, and cyber security
   

#DICE #LI-HYBRID

Requisition ID: 558076

As a leader in medical science for more than 40 years, we are committed to solving the challenges that matter most – united by a deep caring for human life. Our mission to advance science for life is about transforming lives through innovative medical solutions that improve patient lives, create value for our customers, and support our employees and the communities in which we operate. Now more than ever, we have a responsibility to apply those values to everything we do – as a global business and as a global corporate citizen.

So, choosing a career with Boston Scientific (NYSE: BSX) isn’t just business, it’s personal. And if you’re a natural problem-solver with the imagination, determination, and spirit to make a meaningful difference to people worldwide, we encourage you to apply and look forward to connecting with you!