Technical Expert (Senior Manager)
- Responsible for the governance of Confidential ’s Global Business Solutions (SAP & non - SAP) across project and support structures, translation of business requirements into solution designs, impact analysis and delivery of solutions. This includes all areas of SAP Application Security plus GRC and Identity Management (CA IDM & SailPoint) solution implementation responsibilities.
- Lead the overall Security design and workshops, including organizational design and role-based permissions
- Lead S/4 HANA full lifecycle implementation encompassing design, build, test and cutover activities pertaining to security implementation.
- Lead application enablement efforts for SAP & non-SAP applications, including compliant access implementation for SAP ECC, BI, BOBJ, BPC, SRM, Sourcing, MDG, SLC, T&E, SAP HR, NW, EWM, Fuel, S/4 HANA, HANA, Nakisa, Tririga, Concur, SuccessFactors and ALM.
- Recognize the variable nature of the security needs and construct an environment commensurate with specific demands at different levels of the organization.
- Coordinate internal and external audits with IT department and audit vendors as the Technical Expert for application security, ensuring remediation, mitigation and resolution of audit findings.
- Deliver feasibility studies, solution designs, blueprints and specifications to meet business requirements for approved projects and governed change requests.
- Develop and maintain artifacts that define the technology blueprints for associated applications Partner with IT management and business stakeholders to understand business issues and translate business needs into a technology solution.
- lead Security design and realization phases for SAP Data Services implementation.
- Ensure the Access Controls, Identity Management and other On Demand security solutions are designed and delivered in line with the stated business requirements.
- Develop and/or configure high-quality applications that are secure, sustainable, cost efficient from an operational perspective and meet business needs.
- Lead Security design and realization phases for SAP MDGS and SAP MDM implementation.
- Support the full application development life-cycle of allocated projects including scoping, project definition, design, development, testing and implementation.
- Manage customers' expectations of requests/enhancements and collaborate with vendors and other IT stakeholders to prioritize needs.
- Review proposed changes to the design and blueprints for area of responsibility ensuring compliance to processes.
- Ensure compliance to blueprint by operations team for system configuration or code changes required to be implemented as part of break fix.
- Be accountable for ensuring all functional and technical production changes to systems and modules within area of responsibility adhere to quality requirements, processes and required standards.
- Plan, track, monitor and report on application delivery activities including compliance, schedule, budget, scope, quality, risks, issues, dependencies and benefits for area of responsibility.
- Develop and maintain the information security risk management systems & processes, including integrating InfoSec best practice into the existing risk and compliance framework.
- Contribute to, influence and assist with IT security architecture design strategy and road-map to ensure it meets engineering and operational requirements.
- Lead the technical parts of the scoping, planning, delivery and reporting of security audits in the Technology domain.
- Ensure compliance of all SAP software to licensing agreements including annual vendor audits.
SAP Security Manager
- Review Confidential & Confidential ’s Application security framework and create a roadmap for improvements Develop recommendations for Application security configuration improvements and work with the IT department and senior stakeholders to raise awareness of security issues within the business.
- Identify use cases and requirements to refine the application features / functionalities in Security and GRC product line to elevate product offerings.
- Organize and Conduct Security design workshops with functional and business process owners.
- Lead security enablement efforts for applications, including SAP ECC, BI, BOBJ, PLM, BPC, T&E, NW, HANA, SCM and ALM.
- Lead Security design and realization phases for SAP MDM implementation.
- Oversee JDE EnterpriseOne security operations during SAP Migration.
- Lead the business way of thinking to ensure that application security remains a key focus in mitigating risk across the Group.
- Manage, Coach and Lead, focusing on developing a continuous improvement mindset within the IS Security team.
- Conduct regular reporting and analysis to ensure transparency of current risks and threats are known.
- Lead the security incident response team and coordinate security investigation during an incident, including communications between security and other Groups.
- Ensure the team is resourced, processes and documents are current and managed to ensure compliance to policy, audit and operational requirements.