Cybersecurity Lead

Primary Tasks:

• Provide technical expertise, leadership, and consultative support to client, IT management, developers and staff in risk assessments, architecture, design, implementation and operational aspects of information security plans, procedures, and products with a focus on the SAP / S4HANA, Ariba, SuccessFactors, including ECC, GRC and other SAP based applications.
• Designs, develops, and maintains SAP user management and security architecture across multiple SAP environments in addition to providing solution recommendations.
• Ensures compliance with government and corporate security guidelines including Segregation of Duties (SoD), Sarbanes-Oxley (SOX) and Privacy related standards. Develops and implements SAP security policies, processes, architecture, training, and communications.
• Perform access control and design account security for information resources within the SAP landscape that conforms to company process controls.
• Support the completion of scheduled reports (e.g., daily, monthly, quarterly) supporting internal controls leveraging SAP security mechanisms.
• Advises on information security opportunities that can be utilized or adapted to meet business area objectives in leveraging SAP related systems.
• Develop, evaluate and implement security plans, awareness communications, products and control techniques for SAP application initiatives and operational support.
• Provides leadership in the evaluation, development and implementation of security standards, procedures and guidelines for multiple platforms and diverse systems environments (e.g., firm-wide, distributed, client server systems, and e-applications) with a focus on the SAP environments.
• Provides technical support and training to the Information Security staff and assists Management in the development of the overall project plans and timetables.
• Investigate and recommend appropriate corrective actions for information security incidents.
• Maintain an awareness of existing and proposed security standard setting groups, State and Federal legislation and regulations pertaining to information security.
• Identifies regulatory changes that will affect information security policy, standards, and procedures, and recommends appropriate changes.
• Design, develop and maintain SAP security management and architecture practices across multiple SAP environments in addition to providing solution recommendations.
  • Advocate for exploring and leveraging standard solutions first.
  • Ensure compliance with government and corporate security guidelines.
  • Develop, administer, and execute preventive security maintenance programs, oversee problem management, perform root cause analysis and corrective action plans, and administer and report on security SLAs.
  

Work Experience / Skills & Competencies:

• SAP Security certifications (ADM940, ADM945, ADM960)
• Knowledge of Governance, Risk, and Compliance (GRC)
• Deep dive and hands-on on SAP role configuration.
• SAP security configuration experience with RBAC, SSO, Audit, and SOX compliance.
• Experience with security model design, and requirements on Cloud (AWS, GCP, Azure).
• Experience with tokenization, data integrity and encryption technologies.
• Experience in at least two end-to-end SAP S/4HANA Project implementations