The Assoc. Dir. DDIT APD Shared Services is responsible for governing the design & implementation of SAP security roles, ensuring compliance and efficient access control that adheres to the least privilege principle, free from Segregation of Duties (SoD) conflicts and comply with CFC and GxP requirements.

Overseeing the delivery of operational enhancement services, ensure cost efficiency and secure design. Responsible of providing expert advice and guidance as the subject matter expert (SME) for security in project engagement. Drives continuous improvements, process simplification, standardization, automation, and productivity improvement.

• Involve as role design authority providing advisory & security reviews for role change implementation delivered by vendor teams
• Serve as the SME for security in project security design engagements, providing expert advice and guidance in user access solution integration across SAP and non-SAP environments (including SAP Cloud solutions).
• Support cross-functional teams on security-related design matter, ensuring seamless coordination and value delivery.
• Support vendor service performance, ensuring quality standards are met.
• Identify opportunities for service assurance, continuous improvements, process simplification, standardization, automation, and productivity improvement.

Key Performance Indicators

• Adherence to Novartis IT quality standards ; Level of maturity of process controls for Process;
• Proper role design & segration of duties adherence to Security design concept papers
• Timely completion of security tasks within project deadlines – on-time, on-quality and on-budget.
• Regular successful audit with no significant non-compliance issues related to user access management from project delivery
• Demonstrated success supporting IT and non-IT stakeholders to meet security & Project goals

Work Experience

• Bachelor’s degree in engineering, Computer Science/Information Technology,
• Extensive experience in SAP Security & Authorziation design and governance,
• Proven track records, preferable with more than 5 end-to-end project experiences in SAP S&A implementation or rollout.
• Experience managing vendor services and ensuring alignment with security standards,
• Good exposure to one or more technology landscapes – SAP GRC, IAG, ECC, S4/HANA, SAP BTP, HANA/BW/BO, SRM, MDM, SAP SaaS (ARIBA, Concur) & other SAP endorsed apps.
• Experience with other identity lifecycle management products is a strong plus.

Skills

• SAP Security & Authorization
• Risk & Compliance
• Project management
• Vendor management
• Change Management.
• Stakeholder Management.
• Change management

Language 

• English