Sap Cyber Threat Management Specialist

LyondellBasell NYSE LYB As a leader in the global chemical industry LyondellBasell strives every day to be the safest best operated and most valued company in our industry The company s products materials and technologies are advancing sustainable solutions for food safety access to clean water healthcare and fuel efficiency in more than 100 international markets LyondellBasell places high priority on diversity equity and inclusion and is Advancing Good with an emphasis on our planet the communities where we operate and our future workforce The company takes great pride in its world-class technology and customer focus LyondellBasell has stepped up its circularity and climate ambitions and actions to address the global challenges of plastic waste and decarbonization For more information please visit or follow on LinkedIn Basic FunctionThis is a role for Information Security Cybersecurity Specialist with a focus on threat pattern detection and SAP GRC Governance Risk and Compliance to join our growing team This individual will be responsible for identifying and mitigating security threats managing vulnerabilities and ensuring the organization s security posture is robust especially within SAP environments The ideal candidate will possess in-depth experience with SAP GRC Access Control SAP GRC Process Control SAP Basis concepts technical SAP integration threat intelligence incident response SAP security controls and specialized tools such as SAP ETD Enterprise Threat Detection Onapsis and SecurityBridge etc combined with a strong understanding of cybersecurity frameworks and governance best practices Roles ResponsibilitiesThe SAP Cyber Threat management Specialist will have the following responsibilities Threat Detection Analysis Monitor analyze and respond to security incidents and anomalies within SAP environments using tools like SAP ETD Onapsis and SecurityBridge to detect and prevent security threats in real time Perform proactive threat hunting and forensic analysis leveraging SAP ETD SecurityBridge and other threat detection tools to identify vulnerabilities and suspicious activity in SAP systems Develop refine and tune detection mechanisms to address emerging and evolving threats within SAP environments including SAP S 4HANA ECC and other related systems SAP Security GRC Configure implement and manage SAP GRC Access Control and SAP GRC Process Control tools to support governance risk management and compliance initiatives across SAP landscapes Lead the identification monitoring and remediation of security vulnerabilities in SAP systems using Onapsis SAP ETD and SecurityBridge to assess and protect against threats including unauthorized access configuration issues and compliance gaps Conduct periodic security assessments audits and penetration testing on SAP systems ensuring compliance with internal policies and industry standards Risk Vulnerability Management Collaborate with cross-functional teams to assess and prioritize security risks in SAP and non-SAP systems Conduct risk assessments threat modeling and vulnerability scanning providing actionable insights for mitigation and remediation Incident Response Reporting Lead or assist in cybersecurity incident investigations and root cause analysis ensuring rapid detection and containment of threats using SAP ETD Onapsis and SecurityBridge etc Generate and communicate detailed incident reports including post-mortem analyses and actionable recommendations for improving security posture Develop and test incident response plans and procedures integrating SAP ETD SecurityBridge and other relevant tools into the response workflow Governance Risk and Compliance GRC Manage and enhance the organization s SAP GRC Access Control and SAP GRC Process Control frameworks to ensure compliance with relevant regulations e g GDPR SOX PCI-DSS and industry standards Use Onapsis and SAP GRC Process Control to continuously monitor SAP systems for compliance and risk management ensuring alignment with governance and regulatory requirements Support internal and external audits ensuring security and compliance measures are met and providing necessary documentation and evidence SAP Basis Technical Integration Apply a strong understanding of SAP Basis concepts e g system architecture user management transport management database management to support security and risk mitigation efforts within SAP systems Collaborate with Basis and technical teams to ensure secure configuration integration and management of SAP systems including SAP S 4HANA SAP ECC and other related components Security Best Practices Awareness Stay up to date with emerging trends threats and best practices in cybersecurity SAP security and tools like SAP ETD SAP GRC Access Control SAP GRC Process Control Onapsis SecurityBridge and SAP Basis Advocate for the integration of security by design in SAP system implementations updates and customizations Min QualificationsBachelor s degree in Information technology Computer Science or related disciplineWork Experience Skills Minimum of 12 years of experience in information security cybersecurity or risk management with a focus on SAP threat detection and vulnerability management Expertise in SAP GRC Access Control including role management segregation of duties SoD user provisioning and SAP GRC Process Control for continuous control monitoring and auditing Strong understanding of SAP Basis concepts including SAP system architecture user management transport management and database management Experience with technical SAP integration e g RFC ALE IDocs BAPIs and securing SAP integration points Hands-on experience with SAP ETD Enterprise Threat Detection Onapsis and SecurityBridge for security monitoring and vulnerability management in SAP environments Strong understanding of threat intelligence security monitoring and incident response processes Experience with SIEM solutions Splunk ArcSight QRadar etc and other security technologies for real-time monitoring and threat detection In-depth knowledge of network security encryption firewalls and identity and access management IAM Familiarity with cybersecurity frameworks NIST ISO 27001 CIS etc and regulatory compliance GDPR SOC 2 SOX PCI-DSS Experience in penetration testing or ethical hacking is a plus Leadership Competencies Proven leadership ability Demonstrated executive presence and influence ability to build client relationships Ability to set and manage priorities judiciously Excellent written and oral communication skills Excellent interpersonal skills Ability to articulate ideas to both technical and non-technical audiences Exceptionally self-motivated and directed Superior analytical evaluative and problem-solving abilities Exceptional service orientation Ability to motivate in a team-oriented collaborative environment Certifications Preferred Skills Certifications such as CISSP CISM CISA SAP Certified Technology Associate in Security or other relevant security certifications Experience with cloud security AWS Azure Google Cloud Familiarity with DevSecOps principles and integration of security in agile development pipelines Preferred QualificationsCompetenciesBuild PartnershipsDeliver ResultsDrive InnovationGrow CapabilitiesPromote InclusionMotivational Cultural FitTechnical SkillsWe are LyondellBasell - a leader in the global chemical industry creating solutions for everyday sustainable living Through advanced technology and focused investments we are enabling a circular and low carbon economy Across all we do we aim to champion our employees and unlock value for customers investors and society LyondellBasell places high priority on diversity equity and inclusion and is strongly committed to our planet the communities where we operate and our future workforce As one of the world s largest producers of polymers and a leader in polyolefin technologies we develop manufacture and market high-quality and innovative products for applications ranging from sustainable transportation and food safety to clean water and quality healthcare For more information please visit or follow on LinkedIn Must be at least 18 years of age and must be legally authorized to work in the United States US on a permanent basis without visa sponsorship LyondellBasell does not accept or retain unsolicited rxc3xa9sumxc3xa9s or phone calls and or respond to them or to any third party representing job seekers LyondellBasell is an equal opportunity employer We evaluate qualified applicants without regard to race color religion sex sexual orientation gender identity national origin disability age veteran status and other protected characteristics The US EEO is the Law poster is available