Cincinnati, OH, 45217, USA
13 days ago
Senior Manager, SAP Basis Security Governance
Job Location Cincinnati Job Description We are seeking a highly skilled and experienced professional to assume the role of Senior Manager, SAP Basis Security Governance. In this strategic position, you will support our SAP systems' "second line of defense" activities, ensuring compliance, risk management, vulnerability management, and control effectiveness across the entire SAP ecosystem, including the platform, database, and operating system. You will be responsible for establishing P&G’s SAP Security Risk and Compliance Management framework, including controls monitoring and automation. Your expertise will be crucial in maintaining the integrity of our SAP landscape and supporting the organization's overall risk management framework. The SAP Security Governance Team oversees, assesses, and manages risk and compliance activities, develops and deploys the Risk and Compliance Management framework, and serves as an expert in the SAP Risk and Compliance domain. In your role, you will govern key access management, technology controls, hardening, business continuity, resilience, and cybersecurity efforts in collaboration with the Director of SAP Security Second Line of Defense. You will play a critical role in ensuring the integrity, confidentiality, and availability of our SAP systems by governing the design and implementation of robust security measures, managing SAP vulnerabilities, and ensuring compliance with relevant regulations and standards. Additionally, you will help develop vulnerability remediation and risk management processes, help establish SAP security baseline and oversee its implementation. This role requires strategic partnerships with first line of defense teams, internal stakeholders, and external partners to design, adopt, and integrate effective controls while promoting control automation. The ideal candidate will possess in-depth working knowledge of Basis architecture, industry trends, standards, and proficiency with the latest cybersecurity tools and processes, contributing to a secure and efficient SAP environment that supports our business processes and objectives. Job Responsibilities + Provide technical governance and is responsible for reviewing and further evolving best practices, polices, standards, framework, guidelines and approach + Contributes to IT project governance reviews and provides the necessary application governance in support of our standards + Support the SAP Security Strategy and Governance Framework on an operational level, acting as both a controls framework specialist and control monitoring / automation tool specialist, supporting security related tasks across lines of defense + Support the development, deployment, and continuous improvement of SAP risk management strategies and frameworks. + Enforce compliance with relevant industry standards, regulations, and internal IT policies related to SAP systems. + Work closely with internal audit teams to ensure SAP-related audits are conducted effectively and timely, addressing any findings or deficiencies. + Design and implement robust control frameworks for SAP processes, collaborating with process owners and IT teams to ensure controls are practical and effective. + Deliver and maintain incident response plans for SAP systems, ensuring the organization is prepared to address potential security breaches or operational disruptions. + Establish proper governance to control and proactively spot problems, vulnerabilities, and changes in the underlying systems’ risk profile. + Help application, product, and information owners understand the overall risk profile so that the proper controls may be introduced. + Proactively identify, assess, and manage inherent risks in our system and promote a risk-mitigating culture. + Identify threats, risks, vulnerabilities, and relevant mitigation methods to support risk decisions and carry out security risk assessment operations. + Stay up to date with SAP security trends, patches, and vulnerabilities to ensure the protection of SAP environments. + Recommend improvements to security policies, role configurations, and user access processes. + Foster strong working relationships with various customers, including IT, finance, legal, compliance, and external auditors, to align SAP second line of defense activities with broader organizational objectives. + Support Director of SAP Security Governance: Risk and Compliance Management and be a part of a high-performing team responsible for SAP risk management, controls, and compliance activities. + Support Director of SAP Security Governance: Risk and Compliance Management communicate risks and outages up to management and across lines of defense for remediation. Job Qualifications Required + Bachelor’s degree in business, Information Systems, or a related field + Extensive experience (5+ years) in Audit, risk management, internal controls, compliance, or a related field, focusing on SAP systems. + Extensive and broad-based experience and expertise with all stacks of SAP infrastructure and Application stack with demonstrated understanding of SAP Security, Risk, and compliance control within a large and diverse enterprise environment or business community. + Knowledge of SAP Automation Tools such as; SAP Focus Run, SAP Solution Manager, Security Weaver, Security Bridge. + Solid understanding of SAP processes, modules, and configurations, including ECC, S/4HANA, BTP, SAP Platform Basis, HANA DB, Integration, OS, and related technologies. + Proficient in SAP security administration, encompassing OS and HANA database environments, including knowledge of authorization concepts, deployment, and implentation of security controls, conducting audits and vulnerability assessments, alignment to standard methodologies, user management, fix, collaboration with multi-functional teams, and risk mitigation. Preferred + Master's degree preferred in business, Information Systems, or a related field. + Ideally, knowledge of the P&G information security framework and the SAP Enterprise Security Control Framework + Demonstrable record of accomplishment of leading and managing multi-functional teams, fostering collaboration, and achieving results. + Identifying key risks and controls, knowledge of Sarbanes Oxley readiness controls optimization, and configuring controls around security, business process, and within the GRC modules. + Knowledge of IT SAP security tools such as code scanners, GRC tools, or tools for SAP SoD monitoring. + Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), SAP HANATEC or equivalent are a plus. Experience in working with regulatory requirements and industry standards (e.g., SOX, GDPR) about SAP systems. + Knowledge of the NIST cybersecurity framework. + Traditional/waterfall and agile project management skills, strong analytical and problem-solving abilities, with keen attention to detail + Leading teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation. Compensation for roles at P&G varies depending on a wide array of non-discriminatory factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of relevant experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process. We are committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ’s, please click HERE (https://faq.pgwebtools.com/us-work-authorization-faqs/) . Procter & Gamble participates in e-verify as required by law. Qualified individuals will not be disadvantaged based on being unemployed. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. Information Technology at Procter & Gamble is where business, innovation and technology integrate to create a competitive advantage for P&G. Our mission is clear - we deliver IT to help P&G win with consumers. As a P&G IT professional your subject knowledge expertise will be applied to diverse business problems delivering groundbreaking, technology advancing, business models and capabilities. Whether your role is to create an IT innovation strategy for a business, protect our critical information systems and assets, or build a completely new way of operating, your technical knowledge will be recognized and rewarded. Your career in IT at P&G will build you through growing your technical, leadership, and influence skills; expand your perspective via experiences across multiple businesses; and cultivate depth of expertise in areas like Engineering, Analytics, Product Management, Security, etc., What we offer is an interesting and diverse set of opportunities to solve problems that come with being one of the largest consumer goods companies in the world. You have many interests, and our scale enables you to explore these interests and apply your problem-solving skills. Visit http://www.pg.com to know more. Job Schedule Full time Job Number R000114961 Job Segmentation Experienced Professionals (Job Segmentation) Starting Pay / Salary Range $105,000.00 - $150,000.00 / year
Confirm your E-mail: Send Email