Parceria sob medida.
Senior SAP GRC Consultant
Location
Brazil
Posted
7 days ago
Salary
0
Seniority
Senior
Job Description
Senior SAP GRC Consultant
UltraCon Consultoria
• Perform daily AMS support activities, including user access provisioning, role maintenance, access troubleshooting, and responding to SAP security incidents and requests. • Analyze and resolve authorization errors across various SAP systems (ECC, S/4HANA, Fiori, BW, GRC, Cloud, etc.). • Manage requests to modify, create, or delete roles according to business and project needs. • Work with functional and technical teams to design and validate role changes, ensuring alignment with Segregation of Duties (SoD) and compliance standards. • Support GRC processes (Access Request Management, Access Risk Analysis, Emergency Access Management), when applicable. • Participate in regular client meetings and maintain clear communication on ticket status and resolution progress. • Follow and maintain appropriate documentation of AMS processes and the knowledge base. • Identify opportunities for process improvement or automation within the scope of Security & Authorizations (S&A) support.
Job Requirements
- Degree in Information Technology, Computer Science, or a related field.
- Advanced English.
- Excellent analytical and problem-solving skills.
- Ability to work independently and as part of a team.
- Excellent communication and interpersonal skills.
- Stakeholder management: maintain strong relationships with clients and other stakeholders.
- Familiarity with ITIL processes and best practices.
- Experience with ITSM tools (ServiceNow or similar) for ticket management.
Benefits
- Remote work
- Business hours
Related Guides
Related Categories
Related Job Pages
More Compliance Jobs
Cybersecurity Strategy & Compliance Advisor
SixGen, Inc.SIXGEN’s mission is to deliver agile, mission-ready cybersecurity solutions that empower government and critical infrastructure organizations to stay ahead of advanced cyber threats. We combine innovation, deep expertise, and cutting-edge capabilities to uncover vulnerabilities, protect vital systems, and ensure operational superiority in an ever-evolving digital landscape.
Role Description The Cybersecurity Strategy & Compliance Advisor serves as a trusted advisor to executive leadership, supporting the development, implementation, and maturation of enterprise cybersecurity governance, risk management, and compliance (GRC) programs. This role provides strategic guidance on federal cybersecurity policies, emerging regulations, executive directives, and security frameworks while ensuring alignment between cybersecurity initiatives and organizational business objectives. The ideal candidate possesses extensive experience advising Chief Information Security Officers (CISOs) and senior executives, interpreting Executive Orders and federal cybersecurity mandates, and translating complex regulatory requirements into practical governance, security, and compliance strategies. This individual will play a key role in advancing Zero Trust initiatives, continuous monitoring capabilities, AI governance, and enterprise risk management across the organization. Key Responsibilities - Cybersecurity Strategy & Governance - Advise executive leadership and cybersecurity management on enterprise security strategy, governance, and risk management initiatives. - Align cybersecurity programs with organizational mission objectives, business priorities, and operational requirements. - Support the maturation of cybersecurity governance programs, policies, standards, and procedures. - Provide strategic guidance to Cybersecurity Strategy Center initiatives and cross-functional governance activities. - Develop executive-level briefings, strategic recommendations, and cybersecurity roadmaps. - Governance, Risk & Compliance (GRC) - Lead and support Governance, Risk, and Compliance (GRC) activities across the enterprise. - Develop, review, and maintain cybersecurity and privacy policies aligned with federal requirements. - Interpret and operationalize Executive Orders, Office of Management and Budget (OMB) memoranda, CISA directives, NIST guidance, and other federal cybersecurity mandates. - Ensure organizational compliance with: - Federal Information Security Modernization Act (FISMA) - NIST Risk Management Framework (RMF) - NIST Special Publications (including 800-53 and 800-37) - Zero Trust Architecture guidance - Federal cybersecurity policies and directives - Support third-party risk management and supply chain security initiatives. - Identify opportunities to automate compliance monitoring, evidence collection, and reporting activities. - Advise on Artificial Intelligence (AI) governance, security guardrails, and responsible AI implementation. - Assess cybersecurity impacts of new technologies and recommend appropriate security controls. - Continuous Monitoring & Authorization - Support modernization of Authorization to Operate (ATO) and continuous monitoring processes. - Develop strategies to automate security control assessments using NIST SP 800-53 controls. - Define technical controls suitable for automated assessment and continuous validation. - Evaluate security data sources including SIEM, endpoint detection, vulnerability management, and cloud security tools to improve continuous compliance monitoring. - Develop automated risk thresholds, monitoring criteria, and reporting mechanisms to support ongoing authorization. - Support alignment with FedRAMP 20X modernization initiatives and evolving federal cloud authorization requirements. - Research and provide recommendations for continuous monitoring of Artificial Intelligence systems consistent with Information Security Continuous Monitoring (ISCM) standards. - Evaluate automated monitoring solutions to identify anomalies, measure security performance, and improve organizational cyber resilience. - Stakeholder Engagement - Conduct cybersecurity education, awareness, communication, and outreach activities. - Collaborate with executive leadership, technical teams, compliance organizations, and external stakeholders. - Present complex cybersecurity concepts to technical and non-technical audiences. - Facilitate governance meetings, working groups, and strategic planning sessions. Qualifications - Bachelor's degree in Cybersecurity, Information Assurance, Information Technology, Computer Science, or a related field. - 5+ years of experience supporting federal cybersecurity governance, compliance, or enterprise security programs. - Demonstrated experience advising CISOs, executive leadership, or senior government officials on cybersecurity strategy. - Extensive knowledge of: - Federal Information Security Modernization Act (FISMA) - NIST Risk Management Framework (RMF) - NIST SP 800-53, 800-37, and related publications - Zero Trust Architecture - Information Security Continuous Monitoring (ISCM) - FedRAMP and cloud security authorization processes - Experience interpreting Executive Orders, OMB memoranda, federal cybersecurity directives, and government-wide security policies. - Experience developing cybersecurity policies, governance documentation, and compliance frameworks. - Familiarity with Governance, Risk, and Compliance (GRC) platforms and compliance automation tools. - Strong understanding of enterprise risk management principles and cybersecurity governance. Preferred Qualifications - Certified Information Systems Security Professional (CISSP) - Certified Information Security Manager (CISM) - Certified in Risk and Information Systems Control (CRISC) - Project Management Professional (PMP) - Experience supporting Treasury, DHS, or other civilian federal agencies. - Experience with Artificial Intelligence governance, AI security, or emerging technology policy. - Knowledge of SIEM platforms, vulnerability management solutions, endpoint detection and response (EDR), and cloud security monitoring technologies. Knowledge, Skills, and Abilities - Ability to interpret complex federal cybersecurity regulations and translate them into actionable organizational guidance. - Strong understanding of executive-level cybersecurity governance and risk management. - Exceptional analytical, policy development, and strategic planning skills. - Ability to balance regulatory compliance with operational and business objectives. - Strong written and verbal communication skills, including development of executive briefings and policy documentation. - Ability to lead cross-functional initiatives involving technical, operational, and executive stakeholders. - Demonstrated ability to evaluate emerging cybersecurity technologies, evolving federal mandates, and industry best practices to support informed, risk-based decision making. Compensation & Benefits - Competitive salary - Employer-paid health insurance premiums (medical, dental, vision) - Employer-paid short/long term disability insurance and basic life/AD&D insurance - 401K with a 4% employer contribution - Professional development reimbursement options available (training, certification, education, etc) - Flexible and remote work policies for most positions - Paid Time Off (PTO) at a rate of three (3) weeks plus one (1) day per year of service up to four (4) weeks annually - 11 paid holidays per calendar year - The anticipated salary range for this role is $100,000 - $155,000 per year, depending on experience and qualifications.
• Develop and execute innovative regulatory strategies that maximize development efficiency and increase probability of approval. • Serve as the primary regulatory contact with FDA for Contraline and other health authorities worldwide. • Lead all regulatory aspects of product development from preclinical stages through commercialization. • Provide strategic input when required into corporate planning, fundraising activities, business development transactions, and investor communications. • Participate in nonpromotional and promotional review as the Regulatory Affairs representative. • Build and scale the regulatory affairs function as the organization grows. • Lead preparation for regulatory agency meetings including Pre-IND, Type B, End-of-Phase 2, and Pre-NDA/BLA interactions. • Oversee preparation and submission of INDs, NDAs, BLAs, amendments, and global regulatory applications. • Provide regulatory leadership for drug-drug combination products and drug-device combination products. • Collaborate closely with Clinical Development, CMC, Quality, Nonclinical, Medical Affairs, and external partners. • Evaluate emerging regulatory risks and opportunities and provide proactive mitigation strategies. • Support diligence activities related to partnerships, licensing opportunities, and acquisitions.
Associate - Affordable Housing
JBA InternationalFor over 25 years, leading global information technology services company JBA International has been providing premier software development, consulting, and sta
Title: Associate - Affordable Housing (at least 3 Years of experience) Location: Los Angeles, Indian Wells, Irvine, Manhattan Beach, Ontario, Riv, CA Job Description: Nationally recognized law firm has an immediate opening for an Associate - Affordable Housing, with at least three years of affordable housing and real estate experience. - This individual will work on all aspects of affordable housing transactional work, including joint venture work, conventional and bond-financed loan work (borrower side), purchase and sale agreements, and general real estate work involved in acquisitions and dispositions of real property. - Substantive legal experience in some or all of the following areas is highly desirable: housing tax credits, public housing redevelopment, HUD programs, and CDBG implementation programs. * MUST BE LICENSED IN CA. Locations: OPEN TO ANY OFFICE Northern CA: Sacramento and Walnut Creek Southern CA: Indian Wells | Irvine | Los Angeles | Manhattan Beach | Ontario | Riverside | San Diego Prospective employees have provided feedback to the client that one of the most impressive traits of the Firm is the congenial working atmosphere fostered by partners and associates alike. Position is currently REMOTE until further notice, however candidate should reside in the areas of the designated locations.
Senior IT Risk and Compliance Analyst
NORC at the University of ChicagoNORC at the University of Chicago is an objective, nonpartisan, nonprofit academic research organization serving the public interest by delivering objective ana
Title: Senior IT Risk and Compliance Analyst Location: Washington, DC - D.C. - Washington DC Job Description: JOB SUMMARY: NORC at the University of Chicago seeks Senior IT Risk and Compliance Analyst to join our DSS Security and Compliance group. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. The successful candidate will be part of an IT Risk and Compliance team, expert in government security standards and regulations. The team is responsible for specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security requirements of clients (principally Government) and corporate standards for data and systems integrity. The team develops and implements tools and processes to measure and track IT risk and compliance metrics. The team provides guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. The team conducts risk assessments and security impact analyses of information systems. Location: This is a hybrid role based in our Chicago Loop or Washington, DC office, with a minimum of six days per month in the office. Remote candidates may also be considered. Qualified applicants must be U.S. citizens due to security clearance requirements for projects. DEPARTMENT: Digital Services & Solutions Security & Compliance NORC's Digital Services & Solutions group provides technology services to our staff and clients. Given the critical role technology plays in our day-to-day lives, we are committed to providing professional, high-quality solutions in order to further our collective goal of advancing social science research. RESPONSIBILITIES: - Work with the team in specifying, documenting, validating, and maintaining IT security & privacy controls to ensure compliance with security. requirements of clients (principally Government) and corporate standards for data and systems integrity. - - Help develop and implement tools and processes to measure and track IT risk and compliance metrics. - - Provide guidance to IT functional teams on risk and compliance as it pertains to system development, documentation, testing, monitoring, and reporting. - - Assist the team with conducting risk assessments and security impact analyses of information systems. - REQUIRED SKILLS: Education and Certifications: - Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent years of experience). - - Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar certifications. - General Experience: - Minimum of 4 years of experience in information security roles, emphasizing security architecture and engineering solutions. - - Proven experience in performing network penetration testing, vulnerability scans, and configuration analysis. - - Experience overseeing project penetration testing activities. - - Preferred experience as an ISO for federal programs and projects. - - Experience coordinating communications across vendors, internal stakeholders, and program owners. - - Experience using CSAM - ATO Experience: - In-depth knowledge and experience guiding information systems through the Authorization to Operate (ATO) process: - - Proficient in navigating the complex landscape of ATO processes, demonstrating a successful track record in obtaining authorizations for information systems - - Extensive knowledge of the steps involved in the ATO process, ensuring compliance with government regulations and standards, including NIST Special Publications and FISMA - - A proven ability to streamline and expedite ATO timelines without compromising security standards, showcasing efficiency in documentation and regulatory adherence - - Expertise in developing and presenting comprehensive ATO documentation, including System Security Plans, to accrediting authorities and other relevant stakeholders - - Demonstrated skill in addressing and mitigating security risks identified during the ATO process, ensuring the secure operation of systems in various environments - - Exceptional communication skills to articulate ATO requirements, progress, and challenges to both technical and non-technical stakeholders, fostering collaboration and understanding. Risk Management Experience: - Demonstrated experience in developing threat models and security risk assessments. - - Ability to recommend mitigations and countermeasures to address identified risks, vulnerabilities, and threats. - - Experience conducting incident response across vendors, internal stakeholders, and program owners, including implementing, and coordinating the response plan, overseeing the technical response, and coordinating with legal, technical, and communications teams. Compliance and Documentation: - Thorough understanding and experience with government regulations and standards related to information security. - - In-depth knowledge of security compliance checks and the ability to perform audit activities. - - Experience in reviewing and validating security documentation, including system security requirements definition and System Security Plans. - - Experience conducting penetration testing across multiple vendors, contractors, and consultants that meet stringent client requirements. Communication and Guidance: - Strong communication skills with the ability to guide NORC customers on information security policies and regulations. - Ability to effectively communicate complex security concepts to both technical and non-technical stakeholders. SALARY AND BENEFITS: The pay range for this position is $97,000 - $120,000. This position is classified as regular. Regular staff are eligible for NORC’s comprehensive benefits program. Benefits include, but are not limited to: - Generously subsidized health insurance, effective on the first day of employment - Dental and vision insurance - A defined contribution retirement program, along with a separate voluntary 403(b) retirement program - Group life insurance, long-term and short-term disability insurance - Benefits that promote work/life balance, including generous paid time off, holidays; paid parental leave, bereavement leave, tuition assistance, and an Employee Assistance Program (EAP). NORC is committed to equity and transparency in its pay practices. We publish salary ranges and benefit information for every job. The listed hiring range reflects what we, in good faith, expect to pay at the time of posting, though actual compensation may vary and may be adjusted over time. A candidate’s placement within the range depends on factors such as competencies, education, qualifications, experience, skills, performance, and organizational needs. WHAT WE DO: NORC at the University of Chicago is an objective, non-partisan research institution that delivers reliable data and rigorous analysis to guide critical programmatic, business, and policy decisions. Since 1941, our teams have conducted groundbreaking studies, created and applied innovative methods and tools, and advanced principles of scientific integrity and collaboration. Today, government, corporate, and nonprofit clients around the world partner with us to transform increasingly complex information into useful knowledge. WHO WE ARE: For over 80 years, NORC has evolved in many ways, moving the needle with research methods, technical applications and groundbreaking research findings. But our tradition of excellence, passion for innovation, and commitment to collegiality have remained constant components of who we are as a brand, and who each of us is as a member of the NORC team. With world-class benefits, a business casual environment, and an emphasis on continuous learning, NORC is a place where people join for the stellar research and analysis work for which we’re known, and stay for the relationships they form with their colleagues who take pride in the impact their work is making on a global scale. EEO STATEMENT: NORC is an equal opportunity employer. NORC evaluates qualified applicants without regard to race, color, religion, sex, gender, national origin, disability, status as a protected veteran, sexual orientation, and other legally protected characteristics. #LI-MS1



