SAP Security/GRC Analyst

About Alphanext

Welcome to Alphanext, a leading provider of talent solutions headquartered in London, with operational bases in Pune and Indore. With a strong focus on the global technology community, we are dedicated to connecting exceptional talent with innovative organizations around the world.

The Role

As our new ServiceNow Technical Architect, you'll play a vital role in shaping and executing our ServiceNow platform strategy to drive innovation and ensure seamless service delivery across our global operations.

Key Responsibilities

• Defines, guides, and supports the execution of Alphanext clients' technical governance processes
• Assists in developing standards and practices for maintaining the health of Alphanext clients' ServiceNow platforms
• Supports design and implementation of a platform operating model to achieve Alphanext clients' desired outcomes and foster end-user adoption
• Provides technical evaluation of demands against Alphanext clients' ServiceNow platform architectures, platform capabilities, and best practices
• Guides ServiceNow Platform design, including considerations for integration and performance for Alphanext clients
• Assesses architecture and solution designs to support Alphanext clients' objectives including alignment with ServiceNow implementation best practices
• Offers guidance on prototyping and accelerating time from design to deployment for Alphanext clients
• Provides technical guidance in platform development and platform-wide solutions for Alphanext clients
• Advises on configuration and coding standards for Alphanext clients
• Supports remediation of configurations not aligned to ServiceNow best practices for Alphanext clients
• Assesses instance health (performance, manageability, usability, scalability, upgradability, and security) by conducting ServiceNow HealthScan for Alphanext clients

Experience you should have 

• ServiceNow System Administration Certification (mandatory)
• ServiceNow HR, CSM and ITIL Foundation certification
• Experience in the following ServiceNow modules:
• ITOM – CMDB, Discovery, Service Mapping
• ITBM – Project Portfolio Management, Release Management, Agile
• HRSD (HR Service Delivery) and Finance
• GRC – Governance, Risk, and Compliance
• CSM – Customer Service Management module exp (Mandatory)
• ITSM – Incident Management, Problem Management, Change Management, Knowledge Management, Service Portal, Service Catalog
• Expertise in Client Scripts, UI Policy, UI Scripts, Script Includes, Business Rules, Scheduled Jobs
• Possess good communication skills
• ITIL Foundation Certification would be a plus or can do before joining
• Implementation Specialist certification would be a plus

The Impact You'll Make

• Establish an enterprise-wide technical architecture and implementation strategy setting the foundation for Alphanext customer's enduring ServiceNow success.
• Drive standardization and best practice platform management, enabling customer to focus on value delivery.
• Institute technical governance to optimize platform performance and minimize long-term technical risk.
• Enable rapid upgrades to new features and innovation that drive new value for Alphanext and it's customer. 
• Build a platform team focused on delivering value and innovation.

Job Code: DSSR0001

Experience: 4+ years 

Shift: UK (2 pm to 11 pm)

Work Location: Chennai / 100% work from the office.

Job Description: 

ServiceNow is a cloud-based platform that provides IT services management (ITSM), IT operations management (ITOM), and other business process automation solutions. The role involves designing, developing, and maintaining applications on the ServiceNow platform. They have expertise in customizing and configuring the ServiceNow platform to meet the specific needs of the business. 

Responsibilities:

• Integration and Automation: Integrate ServiceNow with external systems, applications, and tools using REST/SOAP APIs, MID Server, and scripting languages like JavaScript. Automate processes and workflows to streamline IT service delivery and enhance operational efficiency.
• Testing and Documentation: Develop test plans, perform unit testing, and assist with user acceptance testing (UAT) to ensure quality and functionality of ServiceNow solutions. Create and maintain technical documentation, including design specifications, configuration guides, and process documentation.
• System Configuration: Configure ServiceNow modules, tables, fields, forms, views, notifications, and other system components to meet business needs. Define and maintain data models, access controls, and user roles within the ServiceNow platform.
• Develop and maintain ServiceNow applications using JavaScript, HTML, CSS, and other scripting languages.
• Data Governance, Data Reporting, Service Now Dashboards development, ITIL Process Architecture, Regulatory Systems and documentation Exp.
• Create and manage ServiceNow service Catalog items, workflows, and catalog tasks. 
• Integrate ServiceNow with other systems and applications using APIs and web services. 
• Platform testing, debugging, and troubleshooting of ServiceNow applications and workflows.
• Provide technical expertise and guidance to the ServiceNow development team. 
• Stay updated with the latest ServiceNow features, releases, and best practices.

Requirements:

• Bachelor’s or Master’s degree in computer science or a related field.
• A background in software development, engineering, IT business administration, Agile/SAFE, databases, or similar.
• Strong experience in Service Now CMDB Development.
• CMDB - API based data integrations, CSDM 4.0, Service Now Discovery and ITOM experience, Cloud - AWS, Azure Discovery, Service Mapping Exp, IRE Exp.
• Proven development and delivery of Security & Risk/GRC development in client environments.
• ServiceNow CIS certification in Risk & Compliance, GRC.
• Experience with key technologies relevant to ServiceNow integration solutions including SSO, SAML, SSL, Web Services, LDAP, JDBC, ODBC, REST, SCP, FTPS.
• ServiceNow Certified System Administrator (CSA)
• ITIL Foundations Certification
• Quick learner, self-motivated and can work independently.
• Strong verbal, written communication skills and a collaborative problem-solving style.

Location: Abu Dhabi, United Arab Emirates (UAE)

Nationality: Any

Desired Experience: 10+ years

Job Description :

To guide and advise customers on building SOC-related services from scratch or assist in improving existing services. To assess the maturity and capability of services in scope and propose improvements. Closely working with other SOC teams, and assisting them in achieving their goals. To work closely with the rest of the Advisory team and exchange knowledge and experience.

What You’ll Do

• Deliver high-level strategy and executive advisory services.
• Lead client engagements in security advisory at the highest strategic level.
• Establish and align business principles and objectives to the long-term security operational vision by applying tactical guidance for various information security operating models.
• Perform SOC maturity assessments and build precise roadmaps based on the goals and objectives of the organization.
• Provide clients with guidance during the Initial Operating Capability (IOC) through full operational capability (FOC) covering key aspects of SOC domains such as business, process, governance, technology, people, and services.
• Create and build on the concept of operations (ConOps) in the pre-work stages that strategically prepare the client for the successful implementation of security technology and operations.
• Assist clients with recommendations in different advisory stages, such as creating security operations strategy (SOC Charter), developing training programs, assisting with use case framework implementation, developing standard operating procedures, and applying service/integrated frameworks.
• Possess the ability to identify the client's problems and use common consulting management skills such as facilitation, gap analysis, interviewing, and engaging in multiple workshops with key stakeholders.
• Collaborate with clients to define services and build technology strategies as part of the build, plan, and design phases of security operations.
• Perform as a subject matter expert (SME) in strategy conversations with C-level panels to provide exceptional IT/OT/Cloud/Physical security, compliance, regulations, and industry best practices that promote the overall mission and vision of the organization.
• Maintain a good understanding of security trends and methods for pinpointing cyber and physical security solutions that fit the client's business, financial, and technological objectives.
• Identify, build, and create cyber solutions to address security issues, perform security operations content reviews, draw conclusions, and develop strategic guidance.
• Assess and develop the current security operation effectiveness by reviewing operating procedures, workflows, policies, frameworks, and operational reporting.
• Consistently contribute towards industry-specific offerings/professional security forums/internal departmental blogs/publications/develop thought leadership.
• Contribute to the proposal process for SOC Advisory services while collaborating with other internal group members to solidify the sales pitch approach.

What you bring to the table

• 10+ years of extensive IT Security / IT Consultancy/client-facing roles related to SOC/Security operations projects (Cybersecurity Managers, IT Security Engineers, Security Analysts, Senior/Principal Security Analysts)
• Experience in SOC strategy, roadmap and documentation development, adapted to client organization (Services catalog, Security Incident Response management plan, playbooks)
• Possess the ability to support the vision and mission of any organization's security program.
• Retained proficiency in delivering high-quality and high-level strategic and advisory services.
• Possesses certifications related to enterprise information security frameworks and/or compliance, regulation-type frameworks.
• Experience in understanding complex activities and relationships quickly, assessing business and delivery risks, and communicating them effectively.

Benefits

• Schooling
• Flight & visa allowance for self and family
• Mobile Allowance
• Insurance for self & Family
• Life Insurance for self

What The Role Is

We are looking for an GRC Operations Officer based in Chennai. This is a new role within the growing IT Compliance function, where you will be responsible for handling audits, implementation of information security policies etc,. The successful candidate will be comfortable working with the team on implementing frameworks and providing support for internal and external stakeholders. Reporting to the IT Compliance Officer for our Chennai team, this role is integral to the successful growth of the team as well as wider company performance.  

What You’ll Do

• Contribute and assist with continuous improvement of company policies, practices, and procedures
• Review, modify and maintain existing practices and policies to reflect our operations and values within specific industry-standard frameworks like ISO and NIST, among others
• Provide support for internal and third-party audits
• Respond to due diligence and TPRM requests from customers and other interested parties.
• Support internal staff with GRC-related questions and topics
• Develop, maintain and execute awareness programs
• Be a local representative of the company’s GRC group and manage the physical security requirements for the location
• Work independently and prioritize multiple tasks and adapt to needed changes
• Effectively communicate risks to diverse audiences, both in writing and verbally
• Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process;

What You’ll Bring

• 2-5 years IT Security, IT risk, IT auditing, and/or IT Compliance experience within a technology company, accounting firm,  or others.
• Bachelor's degree or equivalent work experience working in compliance/GRC team.
• Exceptional organisational skills and attention to details.
• Knowledge of applicable domestic and internationally recognized information security management, governance, and compliance principles, practices, laws, rules and regulations;
• Information systems auditing, monitoring, controlling, and assessment process.

Perks & Benefits: 

• Competitive base salary
• Equity - every employee is a stakeholder in our enormous upside
• A tech-first company culture driven by entrepreneurial thinking and talent
• A great team working in unison towards the same mission
• Transparency is what our product is built on—and so is our culture
• Generous health insurance benefits for employees and their dependents
• Parental leave.
• Flexible work schedule and work-from-home options
• Flexible PTO