Purpose
We are looking for an Application Security Manager responsible for leading Liberty’s application security functions such as ERP application role-based access control, security roles, segregation of duties analysis, security role Provisioning solutions, security workflow, business process controls, security analytics, enterprise GRC solutions, identity and access management, application security governance, vulnerability assessments & remediation. You will lead a team of security professionals across service providers and in-house staff to drive, implement, and maintain capabilities of the security solution to ensure its ability to effectively support the business, audit control and compliance initiatives. You have strong leadership and communication skills allowing you to manage and negotiate with various stakeholders from business units, suppliers and internal IT and security departments. The application security manager reports to the head of business applications and works in cooperation with the enterprise security group to control, manage and mitigate security risks across the entire application portfolio.
#LI-Hybrid
Accountabilities
- Own and manage the application security portfolio
- Develop and expand the Liberty application security program.
- Lead business process controls and work closely with Liberty’s Transformation team as it pertains to application security controls and responsibilities.
- Accountable to provide SAP and Non-SAP Application Security Standards & Policies for projects and steady state.
- Accountable to configure and maintain security roles and provisioning solutions, protecting against improper access, modification, and deletion of sensitive data.
- Establish processes to review and assess vulnerability reports and alerts to ensure secure operations and adherence to best practices and regulatory compliance. Ensure remediation plans are developed with service providers and/or internal team members.
- Lead review sessions of functional and technical design specifications for application security-specific controls on RICEFW objects.
- Provide support and assistance during internal and external audits, working with compliance, SOX, IT, internal audit and business teams.
- Review / establish Audit Logging Process including SOX & SOC 2 Reports
- Lead efforts on sampling existing roles and provisioning to ensure policy and procedural compliance.
- Manage Liberty’s 3rd Party Application Management Service provider to ensure optimal service & SLA compliance for application security
- Lead and manage internal IT staff in the delivery of the application security program.
- Manage enterprise Governance, Risk and Control (GRC) technology enablement.
- Collaborate with project teams to gather security-specific requirements and translate requirements into design.
- Manage the successful technical delivery of Information Security projects and services by working directly with key stakeholders and various parties.
- Act as the glue between enterprise security, enterprise application and business groups to ensure all participants are working in unison to protect Liberty’s interests.
- 10+ years of experience in SAP security authorization concept and design.
- Strong knowledge of accounting and/or IT General Controls.
- Expert-level knowledge of SAP Security functionality and implementation methodology (including GRC, S4 HANA, Fiori/Gateway, BW, SAC, Solman, SAP GUI, Mobility, etc.).
- Leading teams to perform L1 and L2 support for SAP Application Security & resolve production issues within SLA.
- Experience working with external managed services providers
- Excellent customer service and communication (oral / written) skills required.
- Strong critical thinking, analytical skills, and ability to think “out of the box” required.
- Bachelor’s degree in Computer Science, Engineering, or equivalent work experience.
- Familiarity with any of COBIT, SOX, NERC and FERC is an asset
Our Mission
We provide safe, secure, reliable, cost-effective and sustainable energy and water solutions. Our mission is how we create value as an organization—it is what drives us every day to fulfill our purpose.
Our Vision
We better the lives of our customers and communities. Our vision is what we see as possible. It's where we aspire to be, what we want to achieve and how we'll make an impact. It guides and keeps us on the right path as we work towards fulfilling our purposes.
Our Guiding Principles
- Customer Centric
- Integrity
- Entrepreneurial
- Teamwork
- Owner mindset
- Outcome focused
- Continuous learning
Share purchase/match plan
A defined contribution savings plan
Leadership Development Program
Volunteer paid days off
Employee Assistance Program
Achievement fund
Group Benefit Plan
Variety of Health & Wellness programs
Discount and Perks program
We are focused on building a diverse and inclusive workforce. If you are excited about this role and are not confident you meet all the qualification requirements, we encourage you to apply to investigate the opportunity further.
We are an equal opportunity employer and value each person's unique background, diversity, experiences, perspectives and talents.
Full participation of all employees in a safe, healthy and respectful environment is key to individual and company success. We are committed to fully utilizing the abilities of all our employees and expect each of our employees to honour this commitment in their daily responsibilities.