This job might no longer be available.

Lead, Application Security, Core Platform SAP

Magic Leap’s mission is to harmonize people and technology to create a better, more unified world. Magic Leap is a team of creatives and technologists building a personal, spatial computing platform that seamlessly blends the digital and physical worlds. Magic Leap’s Business Technology (BT) team is seeking a hands on Application Security Lead to provide strategic and tactical leadership for the design, build, implementation and maintenance of our ERP and CRM ecosystem.

Do you get excited about delighting your customers? Do you love building and shipping beautiful experiences? Do you enjoy leading your team through service, helping them grow and succeed?

Great. We’re going to change the world. Join us at Magic Leap, and let’s do it together!

JOB DESCRIPTION

A critical role of Magic Leap's Business Technology (BT) solutions teams Lead, Application Security will be responsible for the design, development, delivery, and support of technical security solutions leveraging SAP GRC and the SAP security framework for on-premise and cloud business technology solutions. In addition, this role will evaluate new or existing programs, maintenance, improvement, and support the business application solutions for internal business functions, which are based on the requirements and needs of such client base.

RESPONSIBILITIES

• Work with the Business users to design, develop and maintain Magic Leap’s SAP user management and security architecture, including hands-on design and build across a complex SAP architecture, including but not limited to S/4 HANA, GRC, Fiori, Hybris Commerce, Hybris Billing and other SAP and non SAP related cloud applications (Greenhouse, Bomi, SuccessFactors, Ariba, Concur, etc).
• Develop and implement SAP security policies, processes, architecture, training, and communications. This function includes identifying and implementing security solutions and proactively remediating vulnerabilities with existing solutions.
• Proactively analyze & understand the risks associated with application security exposures, provide solutions to eliminate/reduce exposure.
• Monitor to ensure compliance with Magic Leap IT security standards and the SAP IT security framework.
• Ensure adherence to government and corporate security guidelines including SOD, SOX, and other privacy related standards such as GDPR.
• Responsible for working with the Enterprise Architects, solution architects and business process owners to translate business requirements into SAP security design.
• Assist in periodic control activities such as regular review of user access, critical role review, and annual IT control testing support.
• Administration of SAP GRC configuration, rule sets, workflows and approvals for user provisioning, emergency access and access recertification.
• Develop and deliver documentation and training as needed to ensure proper system usage and understanding.
• Design and deploy security reporting based on business requirements.
• Performs Segregation of Duties analysis and manages the mitigation process; monitor production environments for security violations.
• Perform system measurement for SAP licensing purposes and monthly metrics.
• Oversee the compliance and audit requests including monthly internal reviews, quarterly IT self-testing, semi-annual internal audits and annual external audits.
• Lead and oversee a team of Operations Support members to accomplish Security Support tasks.

REPORTING RELATIONSHIPS

As our Lead Application Security, you will report to our Manager, Business Technology, Core Platform.

QUALIFICATIONS

• Must have 12+ years of overall IT experience, with 8+ years of SAP Security and GRC experience
• Strong understanding of information security management principles, SAP application security implementation methodologies, and SAP user and role management tools
• In-Depth understanding and implementation knowledge of SAP GRC Access Control and Process Control
• Solid experience with SAP security across various applications including but not limited to S/4 HANA, Fiori, Hybris Commerce, Hybris Billing and other SAP cloud systems (SuccessFactors, Ariba, Concur, etc)
• In-depth understanding of SAP Security roles and authorization concept
• Solid understanding of SOX compliance laws, SOD conflict issues
• Expert level knowledge of various Audit and Security controls
• Ability to work effectively across a cross section of organization (Internal Audit, functional teams, business process leads ,etc.)
• Completion of a full lifecycle SAP GRC Access control implementation
• Must have good understanding of SAP process knowledge and SODs
• Expert knowledge of business processes across Finance, Sales, Supply Chain, Human Resources
• Information security and/or SAP GRC professional certification(s) preferred
• Expertise on administering Salesforce security is preferred

EDUCATION

Education and/or Experience: Bachelor's degree (B.A.) from four-year college or university in Engineering, Computer Science or a related field

ADDITIONAL INFORMATION

All your information will be kept confidential according to Equal Employment Opportunities guidelines