Lead Analyst - IT Global ERP Security & Compliance

Job Title:

Lead Analyst - IT Global ERP Security & Compliance

Summary:

This position works closely with ERP IT project teams and business process owners to deliver secure, efficient, and timely ERP security solutions. It plays a critical role in ensuring Momentive’s ERP Segregation of Duties (SoD) framework remains compliant with SOX regulations. Additionally, the role involves active collaboration with other IT security teams to support a unified defense strategy aligned with the broader goals of enterprise IT security.

Responsibilities Include:

• Develop and implement enterprise-wide ERP/SAP security strategies, policies, and standards.
• Collaborate with ERP IT teams and business to design role-based access control and segregation of duties (SoD) frameworks.
• Manage user administration, single sign-on (SSO), and other advanced security measures.
• Oversee user provisioning, access requests, and role management.
• Conduct regular reviews of user roles and permissions to ensure proper access controls.
• Ensure compliance with industry standards, regulatory requirements (e.g., SOX, etc), and organizational policies.
• Conduct internal and external audits, documenting findings and recommendations as per the demands from Internal and External Audit teams.
• Implement and maintain ERP GRC (Governance, Risk, and Compliance) solutions for monitoring and reporting.
• Work closely with IT teams, business, and audit teams to align SAP security goals with organizational objectives.
• Act as a liaison between stakeholders to address security concerns and propose solutions.
• Investigate ERP security incidents/requests, determine root causes, and implement corrective actions.
• Provide IT security teams with training on SAP/ERP-specific threats, such as SoD conflicts, advanced access controls, user access reviews.
• Collaborate with IT security to identify the root cause of incidents, whether it's misconfigured access, phishing attacks, or malware.
• Establish a regular cadence of meetings or updates with IT security teams to discuss emerging threats, incidents, and proactive measures.
• Perform risk analysis to determine the potential impact of threats involves a structured approach to identifying, assessing, and prioritizing risks to an organization's information systems
• Conduct security awareness simulations such as phishing assessments to help employees understand potential threats, recognize attack methods.
• Support the governance aspect of the NIST Cybersecurity Framework by ensuring that cybersecurity policies, procedures, and strategies align with organizational goals and risk management practices.
• Stay updated on emerging SAP security threats, trends, and technologies.
• Identify opportunities to enhance SAP security measures and lead their implementation.
• Provide training and knowledge-sharing sessions for IT and business users.
• Excellent communication and leadership skills to interact with diverse teams.

Qualifications:

The following are required for the role

• 7-12 years of ERP Security Administration experience including ECC R/3, BW, PI, PLM, Portal and GRC 10.1 or similar in SAP Security
• Proven expertise in SAP/ERP GRC modules, risk analysis, and access control.
• Bachelor of Science in Computer Information Systems, Information Technology or related field.

Preferred qualifications

• External compliance standards/regulations (i.e., SOX) experience.
• Understanding of audit processes, procedures and IT internal control frameworks/structures.
• SAP/ERP Certified Technology Associate – SAP Security and Authorizations.
• Knowledge of other IT security systems that integrate with SAP, such as Identity and Access Management (IAM) or SIEM (Security Information and Event Management) tools.
• CISSP, CISM, or other relevant security certifications.

#LI-Hybrid

What We Offer:

At Momentive, we value your well-being and offer competitive total rewards and development programs. Our inclusive culture fosters a strong sense of belonging and provides diverse career opportunities to help you unleash your full potential. Together, through innovative problem-solving and collaboration, we strive to create sustainable solutions that make a meaningful impact. Join our Momentive team to open a bright future. #BePartoftheSolution

About Us: