Senior Manager, SAP Basis Security Governance

Job Location

MANILA NET PARK OFFICE

Job Description

We are seeking a highly skilled and experienced professional to assume the role of Senior Manager, SAP Basis Security Governance. In this strategic position, you will support our SAP systems' "second line of defense" activities, ensuring compliance, risk management, vulnerability management, and control effectiveness across the entire SAP ecosystem, including the platform, database, and operating system. You will be responsible for establishing P&G’s SAP Security Risk and Compliance Management framework, including controls monitoring and automation. Your expertise will be crucial in maintaining the integrity of our SAP landscape and supporting the organization's overall risk management framework. The SAP Security Governance Team oversees, assesses, and manages risk and compliance activities, develops and deploys the Risk and Compliance Management framework, and serves as an expert in the SAP Risk and Compliance domain.

In your role, you will govern key access management, technology controls, hardening, business continuity, resilience, and cybersecurity efforts in collaboration with the Director of SAP Security Second Line of Defense. You will play a critical role in ensuring the integrity, confidentiality, and availability of our SAP systems by governing the design and implementation of robust security measures, managing SAP vulnerabilities, and ensuring compliance with relevant regulations and standards. Additionally, you will help develop vulnerability remediation and risk management processes, help establish SAP security baseline and oversee its implementation. This role requires strategic partnerships with first line of defense teams, internal stakeholders, and external partners to design, adopt, and integrate effective controls while promoting control automation. The ideal candidate will possess in-depth working knowledge of Basis architecture, industry trends, standards, and proficiency with the latest cybersecurity tools and processes, contributing to a secure and efficient SAP environment that supports our business processes and objectives.

Job Responsibilities

• Provide technical governance and is responsible for reviewing and further evolving best practices, polices, standards, framework, guidelines and approach
• Contributes to IT project governance reviews and provides the necessary application governance in support of our standards
• Support the SAP Security Strategy and Governance Framework on an operational level, acting as both a controls framework specialist and control monitoring / automation tool specialist, supporting security related tasks across lines of defense
• Support the development, deployment, and continuous improvement of SAP risk management strategies and frameworks.
• Enforce compliance with relevant industry standards, regulations, and internal IT policies related to SAP systems.
• Work closely with internal audit teams to ensure SAP-related audits are conducted effectively and timely, addressing any findings or deficiencies.
• Design and implement robust control frameworks for SAP processes, collaborating with process owners and IT teams to ensure controls are practical and effective.
• Deliver and maintain incident response plans for SAP systems, ensuring the organization is prepared to address potential security breaches or operational disruptions.
• Establish proper governance to control and proactively spot problems, vulnerabilities, and changes in the underlying systems’ risk profile.
• Help application, product, and information owners understand the overall risk profile so that the proper controls may be introduced.
• Proactively identify, assess, and manage inherent risks in our system and promote a risk-mitigating culture.
• Identify threats, risks, vulnerabilities, and relevant mitigation methods to support risk decisions and carry out security risk assessment operations.
• Stay up to date with SAP security trends, patches, and vulnerabilities to ensure the protection of SAP environments.
• Recommend improvements to security policies, role configurations, and user access processes.
• Foster strong working relationships with various customers, including IT, finance, legal, compliance, and external auditors, to align SAP second line of defense activities with broader organizational objectives.
• Support Director of SAP Security Governance: Risk and Compliance Management and be a part of a high-performing team responsible for SAP risk management, controls, and compliance activities.
• Support Director of SAP Security Governance: Risk and Compliance Management communicate risks and outages up to management and across lines of defense for remediation.
  
  

Required

Job Qualifications

• Bachelor’s degree in business, Information Systems, or a related field
• Extensive experience (5+ years) in Audit, risk management, internal controls, compliance, or a related field, focusing on SAP systems.
• Extensive and broad-based experience and expertise with all stacks of SAP infrastructure and Application stack with demonstrated understanding of SAP Security, Risk, and compliance control within a large and diverse enterprise environment or business community.
• Knowledge of SAP Automation Tools such as; SAP Focus Run, SAP Solution Manager, Security Weaver, Security Bridge.
• Solid understanding of SAP processes, modules, and configurations, including ECC, S/4HANA, BTP, SAP Platform Basis, HANA DB, Integration, OS, and related technologies.
• Proficient in SAP security administration, encompassing OS and HANA database environments, including knowledge of authorization concepts, deployment, and implentation of security controls, conducting audits and vulnerability assessments, alignment to standard methodologies, user management, fix, collaboration with multi-functional teams, and risk mitigation.
  
  

Preferred

• Master's degree preferred in business, Information Systems, or a related field.
• Ideally, knowledge of the P&G information security framework and the SAP Enterprise Security Control Framework
• Demonstrable record of accomplishment of leading and managing multi-functional teams, fostering collaboration, and achieving results.
• Identifying key risks and controls, knowledge of Sarbanes Oxley readiness controls optimization, and configuring controls around security, business process, and within the GRC modules.
• Knowledge of IT SAP security tools such as code scanners, GRC tools, or tools for SAP SoD monitoring.
• Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), SAP HANATEC or equivalent are a plus. Experience in working with regulatory requirements and industry standards (e.g., SOX, GDPR) about SAP systems.
• Knowledge of the NIST cybersecurity framework.
• Traditional/waterfall and agile project management skills, strong analytical and problem-solving abilities, with keen attention to detail
• Leading teams to generate a vision, establish direction and motivate members, create an atmosphere of trust, leverage diverse views, coach staff, and encourage improvement and innovation.
  
  

About Us

We produce globally recognized brands and we grow the best business leaders in the industry. With a portfolio of trusted brands as diverse as ours, it is paramount our leaders are able to lead with courage the vast array of brands, categories and functions. We serve consumers around the world with one of the strongest portfolios of trusted, quality, leadership brands, including Always, Ariel, Gillette, Head & Shoulders, Herbal Essences, Oral-B, Pampers, Pantene, Tampax and more. Our community includes operations in approximately 70 countries worldwide.

Visit http://www.pg.com to know more.

We are an equal opportunity employer and value diversity at our company. We do not discriminate against individuals on the basis of race, color, gender, age, national origin, religion, sexual orientation, gender identity or expression, marital status, citizenship, disability, HIV/AIDS status, or any other legally protected factor.

Job Schedule

Full time

Job Number

R000128020

Job Segmentation

Experienced Professionals (Job Segmentation)