Associate Director - Information Security

Security Lead Horizon ERP The Security Lead for the ERP program ensures robust governance and protection of ERP data and processes. This role includes maintaining managing data with privacy and accessibility best practices, and fortifying cybersecurity measures to protect sensitive information, ensuring the ERP system aligns with regulatory requirements and organizational values. As the ERP security lead, you will ensure the organization s ERP plan is in place and working. You will work in collaboration with other teams Globally to keep the data and systems safe from cyberattacks. You will also make sure the compliance and security practices are up to date and follow the best standards. ERP Security Lead Responsibilities Stay up to date with the latest industry trends, threats, and technologies to ensure that the organizations IT security measures are current and effective. Collaborate with team of compliance and security professionals, providing guidance, training, and support to ensure the effective execution of all initiatives. Maintain existing security mapping files and process with SailPoint for auto-provisioning in Production environment. Manage security load files at all Horizon conversions, including M&A Implement the organizations ERP compliance and security strategy, policies, and procedures. Maintain existing security mapping files and loads for test accounts in lower environments. Work with technical team on fine tuning and enhancing the SailPoint integration into Oracle Work with Infosys security team to document processes related to creation of new job roles, privilege assignments, environment refreshes. Ensure efficient, accurate processes and shortest possible implementation times Collaborate with other departments and regions to ensure that security requirements are integrated into the design and implementation of new systems and technologies. Review periodic exception access, AAC access for security team members, elevated access across modules, SOD conflicts across modules. Work hand in hand with management to prepare and present regular reports to senior management on the organizations ERP security posture, including insights, recommendations, and metrics Analyse and uphold appropriate security access controls to enforce least privilege policies Work with release teams on successful implementation of security defects and enhancements from Non-Prod to Production environments. Manage semi-annual security mapping review with GPLs, including job code to persona, persona to role, and abstract mapping. Work with Infosys security team lead to document service account uses and required access; perform semi-annual review Monitor and analyse security incidents, investigating any breaches or security incidents and implementing corrective actions as necessary. Ensure compliance with relevant regulatory requirements and industry standards, such as GDPR, HIPAA, ISO 27001, SOX (52-109) etc. ERP Security Lead Required Skills In-depth knowledge of IT security principles, best practices, and industry standards. Strong leadership and management skills, with the ability to motivate and inspire a Global team. Excellent problem-solving and analytical skills, with the ability to identify and mitigate compliance and security risks. Strong communication and interpersonal skills, with the ability to effectively communicate complex concepts to both technical and non-technical stakeholders. Proficiency in conducting risk assessments and vulnerability testing. Experience with security incident response and management. Familiarity with security tools and technologies, such as firewalls, intrusion detection and prevention systems, encryption, antivirus software, etc. Knowledge of network and system administration. Understanding of cloud computing security principles and best practices. Familiarity with regulatory requirements and industry standards related to IT security. Required Qualifications Proven experience in an IT security leadership role, with a track record of successfully implementing and managing IT security programs. Experience with risk management methodologies and frameworks. Familiarity with project management principles and practices. Excellent written and verbal communication skills. Strong attention to detail and the ability to prioritize and manage multiple tasks simultaneously.