Skip to main content

Principal SAP Security Control Architect

Step into the pivotal role of a SAP Security Controls Remediation IT Architect at LYB, where you’ll champion best practices in risk management and control remediation, shaping a strategy that aligns with the company’s vision and SAP roadmap. In this critical position, you’ll collaborate with top-tier IT and Cyber Security teams to fortify SAP systems, ensuring compliance and driving security efficiencies. Your expertise in SAP systems, controls, and compliance will be the cornerstone of developing robust strategies to assess and mitigate risks, enhancing LYB’s security posture. Join us in this dynamic role where your analytical acumen and communication skills will lead the charge in safeguarding our SAP landscape. Welcome to Lyondellbasell...

This is Lyondellbasell

This is the role

As a SAP Security Controls Remediation IT Architect you are responsible to drive best practices around risk, controls and remediation and define a strategy that supports the company’s overall strategy and the SAP roadmap. This role plays a critical role in ensuring the effective functioning and compliance of SAP systems within LYB. This position involves developing and implementing strategies to identify, assess, and remediate controls-related issues within SAP environments. This role will be driving security efficiencies, ensuring that technical governance is based on sound architectural principles and correctly documented. This position will work closely with other IT functional and technical Architects, IT Leadership Team, Cyber Security, Internal Controls, Internal Audits and Product teams. Candidates with a strong background in SAP systems, controls, and compliance, coupled with excellent communication and analytical skills, are well-suited for this position. 

Roles & Responsibilities

A SAP Security Control Architect is responsible for ensuring the security of a company's SAP systems. They develop and implement security policies and procedures, conduct security assessments, and perform audits to identify vulnerabilities and risks. They also design SAP Application Security models (Access control and Process control), manage business workshops for requirement gathering, and convert business requirements into technical design/authorization matrix and documentation:

  • Continuously conducting comprehensive assessments of existing controls frameworks, policies, and procedures within SAP systems to identify weaknesses, gaps, and areas of non-compliance;
  • Designing and implementing remediation plans to address identified control deficiencies, ensuring alignment with industry best practices, regulatory requirements, and organizational objectives;
  • Collaborating with other LYB IT architects and IT CoE and Product teams to design and implement technical solutions that enhance control mechanisms within SAP landscapes, including configuration changes, system upgrades, and integration with third-party tools;
  • Collaborating with internal audit and business stakeholders to understand control requirements and risk assessments;
  • Systematically design and implement technical solutions to mitigate control risks using best practices and industry standards;
  • Regularly document and communicate control remediation activities and their impact on business processes;
  • Staying up-to-date on the latest SAP security threats and vulnerabilities;
  • Participating in continuous improvement initiatives to enhance the overall security posture of the SAP environment;
  • Providing strategic leadership and creative thinking to help the technical delivery team through the project lifecycle;
  • Creating conceptual architecture views, Architecture Technical designs, collect and document architecture significant decisions and architecture key constraints;
  • Analyzing architecture alternatives and provide recommendations on best options, considering input from the development teams;
  • Working on multiple concurrent projects, meet business expectations, influence outcomes and maintain stated timelines;
  • Keep up to date on industry architectural standards and trends;
  • Establishing security controls to ensure protection of LYB systems;
  • Creating documents such as System Security Plan (SSP), Security Assessment Report (SAR), Contingency Planning, Incident Response Plan, Technical Risk Assessments (TRA) Plans of Actions and Milestones (POA&Ms).
  • This is who you are

  • Candidate must have excellent collaboration, proven ability to cultivate innovation , drive results and install trust and integrity;
  • Candidate will be able to work independently, be self-driven and also delivering through others when necessary;
  • Team work - Effectively work as part of a team in large Enterprise systems and possess strong interpersonal/communication skills;
  • Communications – Documents and presents complex technical subjects; can present to project leadership and business stakeholders;
  • Technical Learning – Strong technical breadth and depth, and consistently researches new technologies and industry trends;
  • Problem Solving – Leads complex root cause analysis activities and problem solving teams; demonstrates proactive problem management capabilities;
  • Soft skills - develop relationships across the organization and build trusted relationships to deliver great results together with the key stakeholders.
  • This is what you bring

    This is a SAP security control architect position requiring either a degreed professional who possesses a Bachelor's degree in Computer Science, Business or Engineering with a minimum of eight (8) years of relevant experience. This individual must demonstrate strong technical SAP security expertise and knowledge in each of the following technology disciplines:

  • Bachelor’s degree or higher in information technology, Computer Science or a related discipline;
  • 15 years of professional experience in SAP security, controls and remediation;
  • Minimum of 5 years of experience in SAP security and controls;
  • Proven experience in identifying, analyzing, and remediating SAP control deficiencies;
  • In-depth understanding of SAP security concepts, including authorization, segregation of duties, and user access management;
  • Experience with GRC tools such as SAP GRC AC or similar solutions;
  • Strong understanding of SAP modules (., FI/CO, MM, SD) and associated controls frameworks (., SAP GRC);
  • Experience with internal audit methodologies and frameworks is a plus;
  • Knowledge of relevant compliance regulations (., SOX, GDPR);
  • Strong understanding of data privacy and security best practices is a plus;
  • Strong analytical and problem-solving skills;
  • Ability to work independently and as part of a team;
  • Excellent project management skills;
  • Demonstrated problem solving, multi-tasking, troubleshooting skills with a high degree of flexibility;
  • Experience in Software Development Life Cycle (SDLC) / Agile development / DevOps;
  • Strong analytical skills with the ability to understand key business processes and related issues;
  • Strong self-leadership and ability to work independently and manage conflict;
  • Demonstrated competency in accurately identifying the scope of work and preparing thorough, accurate and detailed schedule estimates;
  • Non-functional requirements gathering and solutioning experience;
  • Ability to develop successful relationships with external and internal partners;
  • Possessing experience leading end SAP Security implementations and controls integration projects;
  • Good understanding of SAP systems such ECC, S/4, Ariba, SuccessFactors and Non-SAP systems such as Salesforce, OneStream.
  • This is what we offer

    We offer an environment where we encourage personal and professional growth and where you will be rewarded for your performance and results. You will have the possibility to work with specialist on all fields to develop innovative solutions and to extend your national and international network. In addition, we offer you a competitive salary package. The Company's Global Remote Work Policy allows eligible employees the option to work up to three days a week from home. LyondellBasell is committed to advancing diversity, equity & inclusion (DEI) to ensure a positive experience for all employees.

    Interested?

    Would you like to apply? Just send us your motivation and resume via the application button. The recruitment process starts with an initial phone screening followed by two/three business interviews before proceeding to a possible job offer and a background check will be part of the process.

    #LI-JS2 LyondellBasell does not accept or retain unsolicited résumés or phone calls and/or respond to them or to any third party representing job seekers.

    .

    Anderen bekeken ook

    Principal SAP Security Control Architect

    Bedrijf:
    LyondellBasell
    Gemeente:
    Rotterdam
    Contracttype: 
    Vast contract, Voltijds
    Categorieën: 
    Security Engineer, SAP Consultant
    Opleidingsniveau: 
    Bachelor
    Gepubliceerd:
    27.05.2024
    Deel nu: