As an Expert SecurityArchitecture Consultant –SEC/SAP- CIS, you will join a diverse team oftechnical experts in building a world-class security technical advisory andthought-leadership organization providing exceptional and practical, technicaland logistical direction to its internal customers; enabling the business tomove and innovate rapidly while minimizing risks to the Brand.
Responsibilities includereferencing direction set by the Corporate Information Security team and thein-application security team, applying the security control standards andpractices to be embedded within each system and environment, coordinating withcross functional teams for alignment, and establishing practices for validationof controls throughout the design and delivery lifecycle.
A security and risk expert, theSEC BISO (and their team) will be tasked with driving consumption and adoptionof the existing CIS security services suite, identifying security gaps andneeds for expanding the service set, promoting vulnerability management /patching of platforms & infrastructure, facilitating business &technology risk decisions, managing compliance related activities, and ensuringtechnical recovery & resiliency.
The SEC Security team willaccomplish these responsibilities by tapping CIS on staff experts and workingwith a cross functional team of information security specialists thatcollectively execute on essential job functions, balancing business & riskdrivers, and by effectively communicating & influencing at the programmanagement, technical lead, and senior leadership levels.
Contribute to a team of technicalexperts and specialists whose mission is:
· Providecritical input and guidance to ensure that the SEC program is alignedappropriately with Corporate Information Security when considering keypriorities such as business requirements, industry threat landscape, andbusiness risk appetite.
· Workclosely with SEC work streams end-to-end in releasing secure and compliantinfrastructure, applications and experiences at the speed of business.
· Partnerwith business and technology to provide expert security guidance into designand implementation of SEC’s capabilities.
· Consultwith both technology and business teams to identify priorities and securitycapability requirements, and incorporate these requirements into the securitystrategy.
· Strongtechnical knowledge and confidence in communicating with highly technicalaudiences. Extremely strong written and verbal communication skills and anability to communicate across all areas and levels of the business.
· Provenability to pull a diverse group of individuals with different goals togetherand facilitate productive discussions driving towards results.
· Excellentanalytical and problem-solving skills.
· Provenexperience in identifying solutions for complex problems in enterpriseenvironments. Motivated self-starter who is has a track record of takingownership of information security challenges and driving them to resolution.
· Minimum8 years' experience in information security or information technologydisciplines
· Recentsecurity experience with major large global enterprise, complex high-end SAPimplementations.
· Informationsecurity experience with SAP S4 Hana, SAP S4 Finance, and SAP S4 Fashionrequired.
· Deepsubject matter expertise with SAP Security Industry Best Practices, SAPSecurity Tools, Non-SAP Security complimentary tools, and expert levelknowledge of SAP GRC.
· Workingknowledge of compliance controls, legal and regulatory laws, and requirementsin relation to SAP.
· CISSP,CHH, OSCP, OSCE, GPEN, CPT certifications highly beneficial.
· Typicallyrequires a Bachelor’s Degree and minimum of 8 or 9 years directly relevant workexperience.
· Bachelor'sdegree in Computer Science or Business Information Management or equivalentwork experience.
· Note:One of the following alternatives may be accepted: PhD or Law + 6 yrs; Masters+ 7 yrs; Associates degree + 9 yrs; High School + 10 yrs