Application Security Manager

At Algonquin-Liberty, we hire passionate people who care about doing the right thing for our customers. We are entrepreneurial, creative, and outcome-focused. Here, your natural talent and achievements will flourish in an inclusive environment of teamwork, trust and continuous learning. We are always pursuing excellence to exceed our ambitions goals, rewarding both the goal outcome and how we achieve it.

Purpose

We are looking for an Application Security Manager responsible for leading Liberty’s application security functions such as ERP application role-based access control, security roles, segregation of duties analysis, security role Provisioning solutions, security workflow, business process controls, security analytics, enterprise GRC solutions, identity and access management, application security governance, vulnerability assessments & remediation. You will lead a team of security professionals across service providers and in-house staff to drive, implement, and maintain capabilities of the security solution to ensure its ability to effectively support the business, audit control and compliance initiatives. You have strong leadership and communication skills allowing you to manage and negotiate with various stakeholders from business units, suppliers and internal IT and security departments. The application security manager reports to the head of business applications and works in cooperation with the enterprise security group to control, manage and mitigate security risks across the entire application portfolio.

#LI-Hybrid

Accountabilities

• Own and manage the application security portfolio
• Develop and expand the Liberty application security program.
• Lead business process controls and work closely with Liberty’s Transformation team as it pertains to application security controls and responsibilities.
• Accountable to provide SAP and Non-SAP Application Security Standards & Policies for projects and steady state.
• Accountable to configure and maintain security roles and provisioning solutions, protecting against improper access, modification, and deletion of sensitive data.
• Establish processes to review and assess vulnerability reports and alerts to ensure secure operations and adherence to best practices and regulatory compliance. Ensure remediation plans are developed with service providers and/or internal team members.
• Lead review sessions of functional and technical design specifications for application security-specific controls on RICEFW objects.
• Provide support and assistance during internal and external audits, working with compliance, SOX, IT, internal audit and business teams.
• Review / establish Audit Logging Process including SOX & SOC 2 Reports
• Lead efforts on sampling existing roles and provisioning to ensure policy and procedural compliance.
• Manage Liberty’s 3rd Party Application Management Service provider to ensure optimal service & SLA compliance for application security
• Lead and manage internal IT staff in the delivery of the application security program.
• Manage enterprise Governance, Risk and Control (GRC) technology enablement.
• Collaborate with project teams to gather security-specific requirements and translate requirements into design.
• Manage the successful technical delivery of Information Security projects and services by working directly with key stakeholders and various parties.
• Act as the glue between enterprise security, enterprise application and business groups to ensure all participants are working in unison to protect Liberty’s interests.

Education and Experience

• 10+ years of experience in SAP security authorization concept and design.
• Strong knowledge of accounting and/or IT General Controls.
• Expert-level knowledge of SAP Security functionality and implementation methodology (including GRC, S4 HANA, Fiori/Gateway, BW, SAC, Solman, SAP GUI, Mobility, etc.).
• Leading teams to perform L1 and L2 support for SAP Application Security & resolve production issues within SLA.
• Experience working with external managed services providers
• Excellent customer service and communication (oral / written) skills required.
• Strong critical thinking, analytical skills, and ability to think “out of the box” required.
• Bachelor’s degree in Computer Science, Engineering, or equivalent work experience.
• Familiarity with any of COBIT, SOX, NERC and FERC is an asset

Our purpose is sustaining energy and water for life, and it is demonstrated in everything we do as a business and as an employee team.

Our Mission

We provide safe, secure, reliable, cost-effective and sustainable energy and water solutions. Our mission is how we create value as an organization—it is what drives us every day to fulfill our purpose.

Our Vision

We better the lives of our customers and communities. Our vision is what we see as possible. It's where we aspire to be, what we want to achieve and how we'll make an impact. It guides and keeps us on the right path as we work towards fulfilling our purposes.

Our Guiding Principles

• Customer Centric
• Integrity
• Entrepreneurial
• Teamwork
• Owner mindset
• Outcome focused
• Continuous learning

What we offer

Share purchase/match plan

A defined contribution savings plan

Leadership Development Program

Volunteer paid days off

Employee Assistance Program

Achievement fund

Group Benefit Plan

Variety of Health & Wellness programs

Discount and Perks program

We are focused on building a diverse and inclusive workforce. If you are excited about this role and are not confident you meet all the qualification requirements, we encourage you to apply to investigate the opportunity further.

We are an equal opportunity employer and value each person's unique background, diversity, experiences, perspectives and talents.

Full participation of all employees in a safe, healthy and respectful environment is key to individual and company success. We are committed to fully utilizing the abilities of all our employees and expect each of our employees to honour this commitment in their daily responsibilities.

Liberty