Skip to content

SAP Security Manager

Job Category:

BPO / KPO / Shared Services

Job Level:


Open Date:




Close date:


Client Industry:


Job Description and Qualification:

The Applications Security Manager is responsible for providing an integrated program to protect the integrity, confidentiality, and availability of company’s information resources on a global basis, both on-prem and on the cloud, with a heavy emphasis on SAP systems. The incumbent will manage a team of Security Analysts to establish and maintain the necessary processes and procedures to ensure the security of company’s information systems as well as related SOX and Audit compliance and adherence.

Job Responsibilities:

  • Evaluate application security threats and risks, and develop and implement specific mitigation plans
  • Develop, communicate, and enforce Global Corporate Application Security strategy, standards, policies, and procedures
  • Ownership and oversight of S4HANA security design, analysis, configuration and compliance
  • Ownership of ITGC SAP Security SOX Controls that includes review and approval of evidence within defined timelines
  • Continuous evaluation of ITGC SAP Security SOX controls for adherence to company's policies and standards
  • Liaise and Align with the Corporate IT Compliance Team
  • Design security and controls for new technologies to address such areas as infrastructure, security administration, user identification and authentication, access to data, monitoring, and reporting
  • Assist and partner with key stakeholders in the review and updating of existing Corporate IT policies and standards and the creation of new policies
  • Provide governance and ensure adherence to Corporate security policies and procedures by Regional and Site IT staff
  • Manage and report on Key Performance Indicators (KPI’s)
  • Liaise with internal teams (Application Development, Systems Administrators, Human Resources, Procurement, etc.) to complete application security initiatives
  • Manage or participate on all projects and initiatives related to application security
  • Provide leadership, direction and support in the development, implementation and continual refinement of application security support processes, procedures, and best practices to internal stakeholders
  • Manage or participate on all internal and external audits and regulatory assessments and address requests, findings and issues timely
  • Maintain issue logs, tracks/follows up on all security related issues and pending tasks and projects
  • Influence strategic direction and develop tactical plans to complete complex assignments with substantial latitude for actions and decisions
  • Remain business focused, adhering to Audit, Compliance, Finance, Legal, Procurement and Data Privacy Office standard processes and policies
  • Evaluate, select, and implement emerging IT application security technologies
  • Lead global cross-functional teams and vendor resources in successful delivery of medium to large security projects
  • Lead effective teams, developing and managing internal team members ensuring accountability and performance objectives are met
  • Accountable for vendor and contract management function, ensuring alignment with Business and IT objectives, managing service delivery, as well as account team management and billing operations
  • Work closely with the Service Desk, Server, Operations and Cloud Infrastructure teams to establish alignment and to determine application security technology needs and direction.
  • Work on critical projects with Corporate IT, Regional IT, Business functions, strategic partners, and vendors to identify, select, integrate and manage cost, effective and efficient application security technology solutions into the existing landscape
  • Combines technical knowledge of application security design and implementation with a proven ability to lead and motivate teams


  • Proven and demonstrated strong ethics and integrity
  • Minimum of 7 to 10 years of Information Technology experience required
  • Minimum of 3 to 5 years of experience managing a technical team along with budget and cost management
  • Minimum 5 years of SAP ECC/HANA S4HANA security implementation or operations
  • Experience working for a US Publicly traded company with SOX compliance requirements
  • Demonstrated experience of core SAP security design, analysis, configuration, compliance, and implementation
  • Demonstrated experience with SAP Security Basics, SAP Authorization Concept, Roles/Activity Groups, and User Administration
  • Demonstrated experience with role-based access controls, distributed systems administration, and distributed system recovery
  • Demonstrated experience with SOD conflict resolution
  • Demonstrated experience in SAP Netweaver Technology products such as ECC, Portals, PI, BI or BW, CRM, GRC, BPC environments
  • Demonstrated experience in license management tools such as FlexNet Manager for SAP Applications.
  • Demonstrated experience creating technical documentation
  • A full lifecycle implementation of SAP ECC or S4HANA a plus
  • SAP GRC Process Controls 10.1/12 implementation experience
  • Working experience with SAP GRC Access Control (v10.1 and / or 12)
  • Working experience on Application Security with cloud-based solutions
  • Cloud Identity Access Governance experience
  • Data protection and privacy experience supporting sensitive data such as PII, GDPR
  • Experience implementing or operating SAP environments enabled by Fiori Security, and / or SAP HANA DB
  • Hands on experience for SAP Security Basics, SAP Authorization Concept, Security Roles design concept, and User Administration
  • Self-motivated and has strong interpersonal skills to work with different teams within and outside of the organization
  • Project management skills for medium and large-scale projects including management of costs and internal and external (outsourcers and consultants) resources
  • Build, foster and develop a high performing technical team
  • Work under pressure/using own initiative with minimal supervision
  • Vendor management experience essential
  • Strong interpersonal and relationship building skills
  • Interface with all levels of an organization, IT and Business management while providing excellent customer service skills
  • Excellent verbal, written communication skills and public speaking ability
  • Work across time zones and across cultures
  • Attention to detail and organizational skills


PHP 1M – 1.9M