Senior Manager Information Securiity

Senior Manager Information Security

 

 

Area:                                                                                                             IT- IT Security

Subsidiary/Country:                                                               India

Location:                                                                                 Gurgaon

GSMS Grade:                                                                                             M3

Number of Personnel Managed:                                           -

Cost Center/Budget and/or Revenue Responsibility:           tbd

TECH Job Family:                                                                   Information Security  

 

 

Purpose & Overall Relevance for the Organization:

 

The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards – with a special focus on SAP security.

 

Key Responsibilities:

 

Information security

  • Acts as a security architect for SAP technologies and services.
  • Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.
  • Investigates major breaches of security and recommends appropriate control improvements.
  • Contributes to development of information security policy, standards and guidelines.

 

Specialist advice

  • Actively maintains recognised expert level security knowledge in one or more identifiable specialisms, at least in SAP systems and the underlying platforms and technologies.
  • Provides definitive and expert advice in their specialist area of SAP security
  • Evaluates SAP Security Policies, Guidelines, Standards for a range of SAP Technologies (Incl. ABAP Based and Cloud Solutions) and identify gaps
  • Provides consultancy on mitigating identified vulnerabilities, issues and risks to various teams (SAP and non-SAP)
  • Oversees the provision of specialist advice by others, consolidates expertise from multiple sources, including third party experts, to provide coherent advice to further organisational objectives.
  • Supports and promotes the development and sharing of specialist knowledge within the organisation.
  • Oversees project/program workloads and timelines and align to project management teams

 

Research

  • Within given research goals, builds on and refines appropriate outline ideas for research, including evaluation, development, demonstration, and implementation.
  • Applies standard methods to collect and analyse quantitative and qualitative data.
  • Creates research reports to communicate research methodology and findings and conclusions. Contributes sections of material of publication quality.
  • Uses available resources to update knowledge of any relevant field and curates a personal collection of relevant material. Participates in research communities.
  • Participates in research communities.

 

Emerging technology monitoring

  • Supports monitoring of the external environment and assessment of emerging technologies to evaluate the potential impacts, threats and opportunities to the organization.
  • Contributes to the creation of reports, technology road mapping and the sharing of knowledge and insights.

 

Security administration

  • Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
  • Investigates security breaches in accordance with established procedures and recommends required actions and supports / follows up to ensure these are implemented.

 

Digital forensic

  • Contributes to digital forensic investigations.
  • Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports.

 

Relationship management

  • Implements stakeholder engagement/communications plan.
  • Deals with problems and issues, managing resolutions, corrective actions, lessons learned and the collection and dissemination of relevant information.
  • Collects and uses feedback from customers and stakeholders to help measure effectiveness of stakeholder management.
  • Helps develop and enhance customer and stakeholder relationships.

 

If required: People Management / Resource Management:

 

  • Provides team members/direct reports with clear direction and targets that are aligned with business needs and GIT objectives

 

Key Relationships:

 

  • Global IT
  • Information Security
  • Legal / Data Privacy

 

Requisite Education and Experience / Minimum Qualifications:

 

  • Four-year college or university degree with focus on Business Administration or IT or related areas, or equivalent combination of education and experience
  • Proficient spoken and written command of English
  • At least 7-year experience in IT
  • At least 5 years of experience in Information Security, including experience in SAP Technologies
  • 2 years of experience in team management
  • Knowledge in Agile methodologies and Principles
  • Knowledge on Jira, Confluece tools, including dashboards
  • Strong understanding & knowledge of SAP Security / SAP Hardening including areas of Data Protection, SAP BASIS and Integration technologies like SAP CI, API Security
  • Good Understanding in the areas of SAP S/4 HANA and HANA DB Security
  • Security relevant experience in any of the cloud technologies or platforms like S/4 HANA, SAC, SAP BTP, Gateway, SAP Solution manager, IBP Cloud, Ariba, Fieldglass, HCM / SFSF
  • Good understanding about concepts of RBAC, Critical authorizations in SAP ABAP, Risk analysis, Firefighter concepts and Privileged access Managements concepts in SAP
  • Knowledge in Patch Management, Vulnerability Management topics
  • Knowledge about Identity and Access Management (IAM) principle(s)/Lifecycle concepts
  • Relevant industry certifications are desired (e.g. CISSP, CISM, CCSP)

 

 

 

adidas celebrates diversity, supports inclusiveness and encourages individual expression in our workplace. We do not tolerate the harassment or discrimination toward any of our applicants or employees. We are an Equal Opportunity Employer.

Job Title:  Senior Manager Information Securiity

Brand:  adidas
Location:  Gurgaon
TEAM:  Global Operations
State:  HR
Country/Region:  IN
Contract Type:  Full time
Number:  491528
Date:  Nov 23, 2022