This individual is responsible for the security design supporting McKesson business processes, and organizational structure in the most effective and efficient manner while ensuring compliance with all security and architectural mandates. This individual will work very closely with other teams including those within McKesson Shared Services, Cybersecurity, and the compliance and audit teams. Leadership and technical competence are a must.
Areas of Responsibilities include:
· Act as a subject matter expert for security and compliance on JD Edwards E1 and SAP systems (ECC, S4, GRC, Access Control, Process Control, ETD and others)
· Identifying gaps and improvements in the current security implementation
· Expansion of security capabilities to take full advantage of the JDE and SAP security tools available
· Updates and implementation of Master Data such as Roles/Entitlements, Role Owners, SOD rules changes, Security Configuration, threat patterns etc.
· Provide subject matter expertise and oversight as needed for projects requiring security access and compliance support
· Provide training to other security team members on security services activities and domain knowledge, so that service delivery and support can be shared
Support the ongoing security service for JDE and SAP and JDE Security through:
· Meeting all defined service levels and defined performance objectives
· Expand automated processes and workflows to deliver on business projects
· Security Strategy Development and Management
· Role design and implementation
· Access provisioning and de-provisioning of users
· Identity life cycle and user maintenance
· Serve as a leader for implementing security architecture
· Possess and able to convey a strategic vision and end state design for interrelated business and security processes (i.e., Access administration and Security controls, threats and vulnerabilities)
· Coordinate all security designs with various Business Units and Cybersecurity teams
· Analyze and implement security requirements
· Recommends and develops security measures to protect information against unauthorized modification or loss
· Works closely with both technical and functional teams to ensure the success of the overall security solution
· Serve as Security subject matter expert and provide advisory and consulting services as needed
· Strong ability to collaborate with application teams, administration teams, and business partners to design and implement technical security solutions on JDE, SAP, and associated bolt-on applications
· Experience with integration of SAP and JD Edwards security administration with Identity Management platforms is a plus
Support of SOX Compliance through:
· Adherence to, and delivery of SOX controls and procedures
· Support of compliance initiatives, and audits both internal and external
· Support of recurring security assessments and access reviews
Support the ongoing improvement of Security & Compliance area:
· Providing ideas for improvement initiatives
· Self-managing through improvement projects and providing clear measurable results