SAP Security Governance Associate Manager
Street Address: United States - IL - Chicago - 555 W Monroe St - 60661-3605
The North America SAP Security Governance Associate Manager ensures application security, controls standards and governance processes are integrated into PepsiCo by managing the security design and related processes of select SAP systems (e.g., ECC, BW/BI, CRM, XI, HCM, SRM, etc.), the PepsiCo Segregation of Duties (SoD) rule sets, reporting on SoD results, and coordination / oversight of mitigating control application to SoD occurrences. The position represents and supports the North America SAP security role governance processes.
This position is responsible for defining and adhering to an IT Security framework for the PepsiCo SAP implementation and gaining alignment from the business leadership on the key security design points. The position is also responsible for defining and adhering to the SoD ruleset which has been defined during the PepsiCo SAP implementations and gaining alignment from business / controls leadership on required updates over time.
The Associate Manager is familiar with the security key concepts (Design, Governance, and Segregation of Duty (SOD)), and use of the GRC tools to enforce them. Also, the Associate Manager will determine what constitutes incompatible security access and maintain / enforce that access with SOD rules. The resource will also be responsible for identifying areas of opportunity to leverage tools such as GRC, pepAGM, data analytics to lower sustainment costs and enhance risk protection.
The Security Governance Associate Manager will work closely with the Project and SAP Technical Teams, the Security team, Corporate Audit and KPMG.
Primary support of 13 SAP production systems (ECC, BW, HCM, HCM BW, CRM, XI, SRM, SRM SUS, BPC, GRC, SCM, Solution Manager, Gateway); and possible expansion to the growing scope of PepsiCo enterprise applications (e.g., SAP Ariba, Salesforce, etc.). This role has primary responsibility for maturing in-house capability of key SAP and SAP HANA/ S4 to support the IT Control Function where subject-matter expertise is often sourced with IT and vendor consultants\\contractors.
- Minimum of 5+ years’ experience in implementing SAP controls or security
- Minimum of 2 full life cycle implementations
- Willingness to travel 10-15%
- Broad understanding of Sarbanes Oxley compliance and COSO framework. Familiarity with audit, business controls, and segregation of duties (SOD) is a plus
- Deep understanding of principles of risk and control processes in general and general understanding of business and IT process areas within the PepsiCo (e.g. Supply Chain, Finance, Go-To-Market)
- Possess extensive knowledge about the SAP authorization concept and prior experience in security role design and SOD mitigation
- Knowledge of pepAGM and SAP's GRC tool or similar control automation solutions
- Knowledge of Microsoft Excel, Microsoft Access or similar
- Ability to lead complex design decisions for Technology amongst (often) competing priorities
- Ability to plan and organize development work and recreate deliverables
- Ability to present and defend design decisions across functional areas
- Lead multiple engagements auditing/ analyzing enterprise systems and/ or process risks
- Possess good decision-making skills and must have excellent communication skills
- Need to have organizational skills and be capable of multi-tasking
- Work with business representatives from entire North America sector and around the globe to understand end user requirements and implement a security solution to support them
- Excellent focus in the building of security policies and procedures and collaborating with various business partners
- Understand and effectively navigate within PepsiCo IT structure/ network to drive complex agenda
- Ability to work in a fast paced matrixed, global and virtual organization
Job Type: Regular
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
PepsiCo is an Equal Opportunity Employer: Female / Minority / Disability / Protected Veteran / Sexual Orientation / Gender Identity
For San Francisco Bay Area: Our Company will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance.
If you'd like more information about your EEO rights as an applicant under the law, please download the available EEO is the Law & EEO is the Law Supplement documents. View PepsiCo EEO Policy
Please view our Pay Transparency Statement