• ERP SAP Security Analyst - Contract

    Location CA-AB-Calgary
    Job ID
    Position Type
    Asset Team/Group
    Job Post End Date
  • About Cenovus

    We're a Canadian integrated oil and natural gas company headquartered in Calgary. We're committed to maximizing value by responsibly developing our assets in a safe, innovative and efficient way.


    Our Operations include oil sands projects in northern Alberta, which use specialized methods to drill and pump the oil to the surface, and established natural gas and oil production in Alberta and British Columbia. We also have 50 percent ownership in two U.S refineries.


    Our shares trade under the symbol CVE, and are listed on the Toronto and New York stock exchanges.

    About this Opportunity

    Cenovus currently has a contract position available for an ERP Security Analyst on the Cyber Security Team. Reporting to the Manager, Cyber Security, this role is responsible for SAP & GRC Security and general IT security controls provisioning, administration and maintenance. The primary function of the role includes designing and implementing SAP and GRC Security Roles, maintaining Segregation of Duties, Risk and Controls Analysis, User Access Provisioning, GRC Administrative activities, Security Analytics, GRC reviews and reporting. The successful candidate will have good knowledge of SAP Security and be a strong team player with the ability to collaborate with various IT groups.

    Work Environment

    This is a contract 12-month position location in our downtown Calgary office.


    • User master data creation and administration
    • Creation of single and composite SAP Security roles and managing role assignments
    • Perform User Access reviews and leverage the SUIM utility to effectively troubleshoot user access issues
    • Provide SAP Security role and user information to support internal and external audit requirements
    • Perform access provisioning and de provisioning in GRC following standard best practices and procedures
    • Create and manage fire fighter IDs and perform periodic access reviews for firefighter usage
    • Perform risk analysis, identify risks and work with stakeholders to resolve risks and ensure segregation of duty (SoD)
    • Communicate any potential security risks and actively collaborate with stakeholders to determine the appropriate controls
    • Responsible for executing and aligning to IT Security controls compliance requirements to ensure controls adherence
    • Optimize SAP security / GRC practices to align with industry best practices
    • SAP internal security administration and governance
    • Follow the approved ERP Systems Strategy as the basis in creating, implementing and maintaining a framework of controls, integrity and data oversight for SAP
    • Troubleshoot, analyze, and resolve Security issues of concern. Create and maintain documentation on security processes referencing the Security Strategy as applicable
    • Work and coach other ERP Security Analysts on implementing security changes, analyzing or troubleshooting on SAP Security related issues
    • Participate on other ad-hoc projects as required


    • Must be legally entitled to work in Canada
    • Strong knowledge of SAP and GRC Security and working with SAP Security Roles and Profiles
    • In-depth knowledge and hands on experience with the SAP GRC, EAM and UAM modules
    • Segregation of Duty conflict resolution experience
    • 1 – 5 years of security related experience preferably within the Oil and Gas industry
    • Process oriented with the ability to discuss, advise, coordinate, and document processes
    • General knowledge of security technologies, models & strategies
    • University or college degree or equivalent experience in IT
    • Strong interpersonal, collaboration and verbal/written communications skills
    • Self-reliant/self-motivated and must work well in a dynamic team environment

    To Apply, Click on Link Below

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed