Security Lead, SAP Solutions

City: Warsaw

Country/Region: PL

Application Deadline: N/A

Security Lead, SAP Solutions

Do you want to be a part of the world’s biggest jewelry manufacturer and leverage your SAP security expertise? Are you a forward-thinking SAP Security expert who thrives on keeping up with the latest in technology? Do you have an unwavering passion for ensuring the confidentiality, integrity, and availability of SAP systems and data within a global context? If so, we have an exciting opportunity for you! We are looking for a Security Lead, specializing in SAP Solutions, to champion, build, and elevate our security capabilities within Pandora. You will be part of a growing business area and work in an international organization of can-do spirited, passionate, and performance-driven people.

Pandora’s Transformational Journey

As part of our digital transformation, in 2023 we launched our business transformation Program “Compass” which aims at simplifying our business, driving standardization, and setting strong foundations for our growth.

We are a greenfield implementation leveraging the newest SAP technologies such as SAP S4 HANA on Private Cloud, cloud ALM, BTP as well as Kafka for integration capabilities. We have started building a strong internal team of SAP experts and are continuing to do so. Our scope is truly global, and we cover processes from manufacturing, distribution, retail, to procurement and finance.

Expect a global journey ahead where you will become the torchbearer of cutting-edge SAP practices, advocating for the latest advancements in S/4HANA and cloud programming.  Our S/4HANA platform will enable PANDORA´s future business growth and customer excellence through automation and process simplification.

Your role as a Security Lead, SAP Solutions

In the capacity of Lead Security Architect, your contributions will be pivotal in raising the bar for SAP security practices within Pandora. You will play a key role in defining and executing our security strategy, ensuring it aligns with the dynamic and evolving SAP landscape, from traditional on-premises systems to cutting-edge cloud platforms.

Your responsibilities include:

Designing and maintaining a sustainable security and access model for SAP systems, including S4, SAP ALM Applications, Fiori, SAP BTP, and connecting 3rd Party applications.
Identifying vulnerabilities in areas such as SAP RFCs, passwords, security baselines, data encryption, authorizations, patching, threat detection, and data loss prevention.
Manging role design and ability to explain segregation of duties in SAP to non-SAP audience.
Establishing comprehensive security policies, standards, and procedures for operating SAP systems and meeting Pandora and regulatory requirements.

Developing and maintaining a strategic SAP cybersecurity roadmap aligned with business goals while mitigating risks.
Proactively identifying insecure designs and vulnerabilities and designing measures to mitigate risks.
Fully documenting security designs, architectures, and operational processes through diagrams and clear written documents.
Facilitating important decisions related to SAP security architecture and technologies.
Acting as a subject matter expert for SAP cybersecurity during audits and projects, offering guidance and recommendations.

Establishing effective communication with stakeholders of all levels, translating complex security requirements for technical teams and executives.
Utilizing architectural frameworks to create secure system designs.
Engaging SAP and cybersecurity vendor ecosystems to drive improvements and select appropriate partners.

What is needed to succeed:

Experienced in architecting end-to-end security solutions for SAP landscapes and designing compliant security models aligned with industry standards
Proficient in SAP security concepts, including authentication and authorization mechanisms, information/network security protocols and best practices for securing SAP systems. Including Single Sign On implementation.
Proficient in designing and configuring SAP Fiori authorizations, defining, and managing SAP Business Roles for access control, and ensuring user-friendly security for Fiori tiles and components.
Working knowledge of SAP products like SAP IAS, SAP IPS, SAP IAG.

Experience in defining security baseline and managing authorizations within the SAP Business Technology Platform (BTP) environment.
Familiarity with identity and access management (IAM) concepts in cloud environments.
Knowledge of best practices for securing the user interface and user experience in SAP applications.
Understanding of securing integrations between SAP systems and third-party applications, including proficiency in implementing secure communication protocols and API security mechanisms.
Skill in conducting security risk assessments and vulnerability assessments.

Knowledge of regulatory compliance frameworks, such as GDPR, SOX, and industry-specific standards.

About Pandora

Pandora is the world's largest jewellery brand. The company designs, manufactures and markets hand-finished jewellery made from high-quality materials at affordable prices. Pandora jewellery is sold in more than 100 countries through 6,500 points of sale, including more than 2,500 concept stores.

Headquartered in Copenhagen, Denmark, Pandora employs 32,000 people worldwide and crafts its jewellery at two LEED-certified facilities in Thailand. Pandora is committed to leadership in sustainability and will purchase only recycled silver and gold for crafting its jewellery by 2025 and halve greenhouse gas emissions across its value chain by 2030. Pandora is listed on the Nasdaq Copenhagen stock exchange and generated sales of DKK 26.5 billion (EUR 3.6 billion) in 2022.

Pandora’s recruitment procedures are designed to be transparent and clear for all candidates. This helps us ensure that applicants are provided with a fair and equal opportunity to demonstrate their competencies and skills by removing blocking factors, possible biases, and risks of discrimination. We encourage everyone applying to our vacancies to refrain from adding identity-related elements such as a photo, marital status, and age.