Job Location
CincinnatiJob Description
We're seek a highly skilled and experienced professional to assume the Senior Manager of SAP Second Line of Defense role. In this strategic position, you will support our SAP systems' “second line of defense” activities, ensuring compliance, risk management, and control effectiveness for SAP Security End to End. The Senior Manager, SAP Security Governance: Risk and Compliance Management will establish P&G – SAP Security Risk and Compliance Management, controls framework and controls monitoring/automation.
Your expertise will be crucial in maintaining the integrity of our SAP landscape and supporting the organization's overall risk management framework. The SAP Security Governance Team oversees, assesses, and manages risk and compliance activities, develops, and deploys the Risk and Compliance Management framework, and serves as an expert in the SAP Risk and Compliance domain. The Senior Manager's role will support the SAP Security Strategy and Risk and Compliance Management framework on an operational level. They are both an internal control framework specialist and a control monitoring and automation tool specialist that supports ensuring consistent, quality, and completeness of the SAP security controls, new threats are continuously included, and the approaches are understood and applied consistently across first and second lines of defense.
Job Responsibilities
Support the SAP Security Strategy and Governance Framework on an operational level, acting as both a controls framework specialist and control monitoring / automation tool specialist; supporting security related tasks across lines of defenseSupport the development, deployment, and continuous improvement of SAP risk management strategies and frameworks.Enforce compliance with relevant industry standards, regulations, and internal IT policies related to SAP systems.Work closely with internal audit teams to ensure SAP-related audits are conducted effectively and timely, addressing any findings or deficiencies.Design and implement robust control frameworks for SAP processes, collaborating with process owners and IT teams to ensure controls are practical and effective.Deliver and maintain incident response plans for SAP systems, ensuring the organization is prepared to address potential security breaches or operational disruptions.Foster strong working relationships with various customers, including IT, finance, legal, compliance, and external auditors, to align SAP second line of defense activities with broader organizational objectives.Support Director of SAP Security Governance: Risk and Compliance Management and be a part of a high-performing team responsible for SAP risk management, controls, and compliance activities.Support Director of SAP Security Governance: Risk and Compliance Management communicate risks and outages up to management and across lines of defense for remediation.Job Qualifications
Required
Bachelor’s degree in business, Information Systems, or a related fieldExtensive experience (5+ years) in Audit, risk management, internal controls, compliance, or a related field, focusing on SAP systems.Extensive and broad-based experience and expertise with all stacks of SAP infrastructure and Application stack with demonstrated understanding of SAP Security, Risk, and compliance control within a large and diverse enterprise environment or business community. Knowledge of SAP Automation Tools such as; SAP Focus Run, SAP Solution Manager, Security Weaver, Security Bridge.Solid understanding of SAP processes, modules, and configurations, including ECC, S/4HANA, BTP, SAP Platform Basis, HANA DB, Integration, OS, and related technologies.Proficient in SAP security administration, encompassing OS and HANA database environments, including knowledge of authorization concepts, deployment, and implentation of security controls, conducting audits and vulnerability assessments, alignment to standard methodologies, user management, fix, collaboration with multi-functional teams, and risk mitigation.Preferred
Master's degree preferred in business, Information Systems, or a related field.Ideally, knowledge of the P&G information security framework and the SAP Enterprise Security Control FrameworkDemonstrable record of accomplishment of leading and managing multi-functional teams, fostering collaboration, and achieving results.Identifying key risks and controls, knowledge of Sarbanes Oxley readiness controls optimization, and configuring controls around security, business process, and within the GRC modules.Knowledge of IT SAP security tools such as code scanners, GRC tools, or tools for SAP SoD monitoring.Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), SAP HANATEC or equivalent are a plus. Experience in working with regulatory requirements and industry standards (e.g., SOX, GDPR) about SAP systems.Knowledge of the NIST cybersecurity framework.Traditional/waterfall and agile project management skills, strong analytical and problem-solving abilities, with keen attention to detailLeading teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.Compensation for roles at P&G varies depending on a wide array of non-discriminatory factors including but not limited to the specific office location, role, degree/credentials, relevant skills, and level of relevant experience. At P&G compensation decisions are dependent on the facts and circumstances of each case. Total rewards at P&G include salary + bonus (if applicable) + benefits. Your recruiter may be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the hiring process.
We are committed to providing equal opportunities in employment. We value diversity and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Immigration Sponsorship is not available for this role. For more information regarding who is eligible for hire at P&G along with other work authorization FAQ’s, please click HERE.
Procter & Gamble participates in e-verify as required by law.
Qualified individuals will not be disadvantaged based on being unemployed.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
Information Technology at Procter & Gamble is where business, innovation and technology integrate to create a competitive advantage for P&G. Our mission is clear - we deliver IT to help P&G win with consumers. As a P&G IT professional your subject knowledge expertise will be applied to diverse business problems delivering groundbreaking, technology advancing, business models and capabilities. Whether your role is to create an IT innovation strategy for a business, protect our critical information systems and assets, or build a completely new way of operating, your technical knowledge will be recognized and rewarded. Your career in IT at P&G will build you through growing your technical, leadership, and influence skills; expand your perspective via experiences across multiple businesses; and cultivate depth of expertise in areas like Engineering, Analytics, Product Management, Security, etc.,
What we offer is an interesting and diverse set of opportunities to solve problems that come with being one of the largest consumer goods companies in the world. You have many interests, and our scale enables you to explore these interests and apply your problem-solving skills.
Visit http://www.pg.com to know more.
Job Schedule
Full timeJob Number
R000114961Job Segmentation
Experienced Professionals (Job Segmentation)Starting Pay / Salary Range
$105,000.00 - $150,000.00 / year