Senior Cybersecurity GRC Specialist shaping Orion Pharma's cybersecurity governance, risk management, and compliance. Engaging with teams to enhance security posture and meet regulatory standards.
About the role
- Lead oversight of access controls and compliance processes for SAP systems at Boeing. Implement risk management solutions and collaborate with cross-functional teams to ensure data integrity.
Responsibilities
- Implement and manage SAP Access Control (AC) Governance, Risk, and Compliance (GRC) solutions and policies to ensure data protection and regulatory adherence
- Design and implement Access Control Policies and Risk Management solutions across SAP systems
- Collaborate with cross-functional teams to maintain system integrity, protect business data and streamline compliance processes
- Partner with internal Information Technology (IT) SOX Program Office to ensure effective SOX Controls are in place, documented in SOX Narratives, and executed periodically
- Understand how SOX Control activity supports the annual SOX process including Design Effectiveness, Operational Effectiveness, Roll Forward testing, recurring Control execution and remediation as necessary
- Utilize common SOX processes and methodologies to participate in internal/external audits
- Provide technical expertise in support of creating sample testing populations and justification for completeness of population specific to their control(s)
- Execute and deliver Automated Controls Testing Tool (ACTT) script results as requested by external auditor
- Provide evidence of control completion in the SOX book of records (AuditBoard)
- Articulate appropriateness of reports used as evidence to include source, validity, and completeness of the report(s)
- Communicate potential and realized control deficiencies
- Participate in root cause analysis of identified deficiencies and take appropriate corrective action plans to remediate
- Design and build SOD Ruleset requirements including Risks, Functions, and Permission adjustments and additions for new and existing implementations
- Design and build Mitigating Controls for all SAP users to ensure Risks are being monitored and controlled for users that maintain SODs
- Work with the Financial Controls Group to ensure Controls are appropriately linked to SAP GRC Mitigating Controls
- Provide reporting to the Financial Controls Group and Business Process Owners to ensure Mitigating Control assignments are approved and assigned appropriately
- Consult on SAP Role design decisions as they relate to SOX and Compliance requirements
- Design and implement Controls related to Global Trade Compliance to ensure Export Administration Regulation (EAR), International Traffic in Arms Regulations (ITAR), and Sensitive data elements are restricted to authorized persons
- Provide reporting related to US vs Foreign National access to Material Master and Routing Information
- Work with Global Trade Compliance Team to adjust SAP Role design elements to ensure they are aligned with Compliance policies
- Design and implement Controls as defined by Boeing Enterprise Security information protection standards and computing security policies
Requirements
- 5+ years of experience working in a cross-functional environment
- 5+ years of experience within information technology
- 5+ years of experience with SAP Security and/or SAP GRC
- 5+ years of experience with supporting regulatory compliance processes/audits (e.g. SOX, DFARS, etc)
- 5+ years of experience with Systems Applications and Processing (SAP), S/4 HANA
- 5+ years of experience as a technical lead
- 5+ years of experience in Business Intelligence/data analytics tools (Microsoft Power BI, Dashboards, SQL, Tableau, etc)
- 5+ years of experience developing corrective action plans to respond to internal/external audit inspections
Benefits
- health insurance
- flexible spending accounts
- health savings accounts
- retirement savings plans
- life and disability insurance programs
- paid time off
- unpaid time away from work
Job title
Job type
Experience level
Salary
Degree requirement
No Education Requirement
Tech skills
Location requirements
Product Security expert ensuring secure software development at NETGEAR. Championing security practices and monitoring vulnerabilities while collaborating with development teams.
System Architect driving secure cloud - native applications using cutting - edge technologies for Product Security at Nokia. Leading AI - driven design and architecture with collaboration across global teams.
Cyber Security Engineer protecting data from threats in a fintech startup. Collaborating with the Information Security Team and implementing security controls for technical projects.
Junior Security Incident Responder in an innovative IT service company protecting clients against cyber threats. Collaborating with teams to enhance IT security and respond to incidents.
Security Incident Responder managing IT security incidents in the Security Operations Center, analyzing threats and coordinating responses effectively for clients' safety.
Senior Security Engineer developing and enhancing security infrastructure for Bank Frick, a pioneer in blockchain banking. Responsible for managing security processes and collaborating with IT teams.
Werkstudent Cyber Security bei Wavestone, Unterstützung im IT - Consulting und Entwicklung im Bereich Cyber - Sicherheit. Analyse von Trends und aktive Teilnahme an Teamaktivitäten.
Cyber Security Manager at British American Tobacco strengthening cyber resilience across Western Europe. Responsible for managing security initiatives and collaborating with regional teams.
Project Manager for Security Technology managing complex security projects in MENA region. Involving internal teams and external integrators ensuring project success and client satisfaction.