This is your opportunity to join global organisation and shape the way we work with Information Security (IS) risk. In this role you would develop and support implementation of internal control framework primarily in the Access Control area, manage Segregation of Duties (SoD) matrix in global SAP environment, identify IS risks through assessments and monitor progress and effectiveness of remediation efforts.
Define IT Control requirements and follow-up on compliance
As our new Senior Specialist, you would be responsible for active management of SoD conflicts in global SAP, developing corresponding SoD ruleset and working with IT and business management to implement required compensating controls. You will also support development and maintenance of the IS policies and standards followed by Information- and Cyber Security awareness training and evaluation campaigns.
Specifically, you will:
- Maintain and develop ruleset used to manage Segregation of Duties (SoD) conflicts in SAP
- Liaise with the business to design and implement necessary process changes and mitigating controls to remediate existing SoD conflicts
- Support design, implementation and evaluation of the Information Security (IS) and Data Privacy Control Frameworks
- Support IS and data privacy reviews of Arla Global, International IT and key IT suppliers and Data Processors
- Liaise with Arla partners to assess results of their audits and support prioritization of remediation actions
- Define, maintain and support implementation of the IS and Data Privacy policies, standards, awareness programme and corresponding training activities.
SAP GRC, information security risk experience and strong communication skills
Your strong personal impact enables you to engage and influence stakeholders at all levels of the organisation. Whether it be a colleague working with operational implementation or our general council, you are a trusted and valued partner who understands both technical and business requirements. This allows you to explain complex concepts to business colleagues and senior stakeholders in a clear and concise manner that ensures buy-in.
To do so, you have:
- More than 2 years of experience in information security risk management, audit or consulting position in a complex, international organisation
- Experience in working with SAP GRC Access Control
- One of the following qualifications: CISM, CRISC, CISA, CISSP would be an asset
Joining Arla you will gain:
- Work in an international team
- Friendly atmosphere & comfortable work place
- Relocation package
Application and contact
If you want to seize this exciting opportunity, please apply as soon as possible. We process applications on a continuous basis and close the job opening once the right candidate has been found.