Application Security & Authorizations Manager

About The Position

Requirements

• Bachelor's degree in Information Technology, Business Systems, or related field.
• 8+ years of experience in Application Security, Identity and Access Management, IT Security Operations.
• Proven experience managing application security programs and IAM in enterprise environments.
• Strong understanding of security frameworks and tools (e.g., SSO, MFA, OAuth, SAML).
• Excellent communication and stakeholder engagement skills.

Nice To Haves

• Certifications such as CISSP, CISM, or relevant security/IAM platforms.
• Experience with automation and integration of security and access management tools.
• Background in consumer goods or similar industries.
• Familiarity with audit, compliance, and regulatory processes (e.g., SOX, GDPR, ISO 27001).

Responsibilities

• Policy & Compliance Management: Develop, implement, and enforce robust application security policies, standards, and procedures. Ensure continuous compliance with internal controls and external regulations such as SOX, GDPR, etc.
• Role-Based Access Control (RBAC) & SoD: Design, manage, and maintain effective Role-Based Access Controls (RBAC) and Segregation of Duties (SoD) frameworks to prevent conflicts of interest and unauthorized access across all systems.
• SAP Security Expertise: Oversee all aspects of SAP security, including role design, user administration in various SAP systems (S/4HANA, Fiori, TM, BTP), and management of SAP GRC (Governance, Risk, and Compliance) solutions for automated risk analysis and reporting.
• Enterprise Systems Oversight: Manage core non-SAP platforms Integrations with IAM (e.g., Azure AD or Entra, Okta, SailPoint and any application specific tooling), ensuring seamless user lifecycle management (joiners, movers, leavers) and integration with various cloud based SAAS services and systems.
• Operational Excellence & Process Improvement: Champion the continuous improvement of security operations by optimizing existing processes, standardizing procedures, leveraging automation technologies, and reducing manual effort within the security and provisioning lifecycles.
• Access Monitoring & Incident Response: Monitor system access logs, review exception reports, and investigate potential authorization misuse or breaches. Lead rapid response efforts to contain, analyze, and remediate application security incidents specifically related to user roles, permissions, and compromised credentials.
• Auditing & Reporting: Coordinate internal and external audits by providing documentation and evidence of access controls. Oversee and execute the quarterly User Access Review (UAR) process, ensuring timely completion, documentation of evidence, and remediation of discrepancies. Report on security metrics and compliance status to senior management.
• Team Leadership & Collaboration: Lead, mentor, and train a team of security analysts and collaborate effectively with IT and business stakeholders and product Teams to ensure application security requirements are met across all projects and operations.

Benefits

• We offer comprehensive package of benefits including paid time off, medical/dental/vision insurance, 401(k), and any other benefits to eligible employees.