ERP Cyber Security Assurance Analyst

Would you enjoy to be responsible for executing ERP security assurance control as gatekeeper of internal controls for ERP security in SAP and Navision, proposing compliant solutions for project activities, change requests and for adhoc operational initiatives, ensure good documentation practices, expert of the Access Risk Framework process?
 

If yes, then your place is here with US as an ERP Cyber Security Assurance Analyst based in our MOL Campus in Budapest (11th district)

Project and change request assurance:
 

• Review and evaluate project proposals and tender material in relation to information security requirements.
• Supervise ERP-related change requests and provide guidance during the course of the engagements during all phases (planning, requirements definition, design, implementation and security acceptance testing, go-live).
• Embed detailed security requirements based on company security standards into all projects and change requests where there is information security relevance.
• Plan and undertake security acceptance tests, audits, execute thorough technical & process assessments on ERP systems and business applications.
   

Issue register and follow-up:
 

• Prepare detailed documentation on all security issues identified, provide accurate reports to project teams and management on ERP security matters.
• Track status of all security issues identified during security assurance activities and drive remediation efforts.
   

Access risk framework expertize:
 

• Act as expert for the Access Risk Management process initially for SAP later also for Navision.
• Evaluate projects and change requests for relevancy and coordinate update actions when required.
• Maintain updates in GRC system.
• Document changes and trigger periodic review actions for MOL and Slovnaft systems.
   

Collaborations - Work closely with:
 

• ERP cyber security architect on strategy and periodic alignments and major projects or updates,
• SAP Security Operations and Development teams,
• Various teams to ensure security controls and procedures are understood and successfully implemented and actively monitored.
   

ERP Internal Controls housekeeping:
 

• Ensure the operations of custom monitoring scenarios, sustain and enhance controls.
• Ensure that the existing monitoring scenarios (e.g. RSA) is up and running, reliable and enhance scope as relevant.
• Assess new ERP threats and security alerts, recommend remedial actions through the whole lifecycle of enterprise services.
• Be involved in security note related activities.
• Provide ideas or feedback to architecutre on potential ideas to improve SAP internal controls.
• Follow good documentation practices.
• Execute periodic compliance checks of scoped systems.
• Adhoc operational compliance support.

• University/College degree in Computer Science, Engineering or related field
• 3+ years of progressive experience in the information security industry 
• Understanding of ERP security principles, practices and standards and how they translate into real world technical solutions
• Ability to communicate complex technology concepts both at high level as well as on technical level

• Experience in ERP security covering information security assessment (technical or process), auditing, implementation of SoD or GRC is strongly desired

• Thorough understanding of ERP (SAP & Navision) security principles and best practices

• Experience in working in a multinational environment
• Skills to perform complex work for the ERP security / Governance, Risk and Compliance (GRC) area and general knowledge of other information security areas

• Certifications considered as advantage: SAP Certified Technology Associate - SAP Authorization and Auditing for NetWeaver 7.31 or C_GRCAC_10

• SAP Certified Application Associate - SAP BusinessObjects Access Control 10.0
• Fluent English knowledge

• A working location in 11th district
• Flexi time, home office possibilities, 2 HO per week
• Work together and learn from experienced team 
• Project related travelling possibilities in the region

• Career opportunities within MOL Group

• Annual bonus
• Maximalized - Gross 800.000 HUF - annual fringe benefits (with elements of SZÉP card, All you can move card, culture and sport event, health and pension insurance allowance, etc)
• Loyalty bonus (after 3 years of employment)
• Support at all stages of family life – baby born allowance, extra paid paternity leave, paid leave for single parents, MOL Égigerő kindergarten support and MOL Campus Égigerő daycare, school start support, student loan support)
• Support in difficult situations (health insurance support for employees with diability,advance salary payment, etc.)
• Preparation for retirement (pre-retirement support, pensioner benefits, company loyalty program)
• Awards and recognitions (extra leave days, project reward, leadership reward, etc.)
• Support for physical and mental well-being (fitness center, health programs and company help line)
• Other company benefits (MOL partner benefits, discounted fueling)
• Community building (MOL open day, family days, cooking days, Christmas concert)
• Discounted phone fleet package for family members
• Discounted MediCare health insurance for family members
• Life and accident insurance
• Travel allowance - 40 HUF/km
• 80% sick leave allowance