BeOne continues to grow at a rapid pace with challenging and exciting opportunities for experienced professionals. When considering candidates, we look for scientific and business professionals who are highly motivated, collaborative, and most importantly, share our passionate interest in fighting cancer.
General Description:
BeOne is seeking an experienced and motivated ERP Security Lead to oversee the security of our Enterprise Resource Planning (ERP) platforms. The ideal candidate will be responsible for developing, implementing, and maintaining robust security protocols, ensuring the confidentiality, integrity, and availability of critical business applications and data.
This role has a hybrid work pattern: 3 days per week from our Warsaw office with 2 days remote.
Essential Functions of the job:
ERP Security Architecture
- Architect and implement end‑to‑end security frameworks across enterprise ERP systems.
- Define identity, access, data protection, and compliance controls for ERP solutions.
- Establish and maintain role‑based access models, segregation of duties (SoD), and least‑privilege structures across ERP platforms.
- Own the design, maintenance and continuous improvement of security procedures and standards supporting SAP security and access governance.
- Identify opportunities to automate controls and improve governance processes leveraging enhanced AI capabilities
- Stay current on SAP GRC updates, security trends, and regulatory changes
- Document security architecture, processes, and incident response activities
- Lead the design, implementation, and management of security controls across ERP systems
SAP Security Weaver Implementation and Support
- Knowledgeable and experienced professional with expertise in the Security Weaver platform, specifically in the SE (Separations Enforcer), SP (Secure Provisioning), ER (Emergency Repair), RR (Role Recertification), and TA (Transaction Archive) modules.
- Manage and maintain the Security Weaver platform to ensure its efficient operation.
- Utilize the SE module to enforce separation of duties, ensuring compliance and preventing conflicts in role assignments.
- Leverage the SP module to manage secure provisioning, maintaining proper allocation of roles and permissions within the organization.
- Implement the ER module for efficient emergency repairs and ensure quick resolution of critical issues.
- Conduct RR processes to ensure accurate and up-to-date role certifications, maintaining compliance with organizational policies.
- Use the TA module for detailed transaction archiving, ensuring proper documentation and retrieval for audits and compliance purposes.
SAP GRC Implementation and Support
- Develop and enforce security policies, standards, and procedures tailored to ERP environments.
- Perform system upgrades, enhancements, and integrations with SAP ECC or S/4HANA
Operational Security Leadership
- Lead and mentor a team of security professionals responsible for SAP security governance, access management and control execution.
- Produce high‑quality documentation, security models, and governance artifacts.
Access and Security Management
- Design and maintain SAP role-based security and authorizations aligned with business and compliance requirements
- Analyze and remediate Segregation of Duties (SoD) conflicts
- Support user provisioning, role reviews, and firefighter access processes
- Monitor, investigate, and respond to ERP‑related security events, including incident response and root‑cause analysis.
Compliance & Audit Support
- Ensure SAP security and access controls are appropriately designed, tested, and validated as part of the SDLC, partnering with IT, IT Validation, and IT Compliance to support secure and compliant system changes.
- Support internal and external audits by preparing, coordinating, and providing required evidence, and ensuring timely resolution of identified findings.
- Conduct regular risk assessments and vulnerability analyses of ERP platforms, recommending and driving remediation efforts.
Stakeholder Collaboration/Project Delivery
- Partner with IT Solution Owners and business stakeholders to integrate security requirements into system changes, enhancements, and ongoing support.
- Provide end-user training and support for GRC processes
- Provide technical guidance and review for SAP security designs, access models, and control implementations, ensuring alignment with enterprise risk and compliance requirements across all SAP platforms (S/4HANA, GTS, Ariba, Concur, BTP and others).
- Lead SAP security initiatives and projects related to access governance, role design and system security, aligned with enterprise risk objectives.
Reporting & Continuous Improvement
- Develop dashboards and reports for risk, access, and compliance monitoring
- Monitor security risks, control performance, and compliance posture, using metrics and reporting to inform leadership and drive improvements.
Integrations, Data & Cloud Security
- Conduct security assessments for ERP customizations, integrations, APIs, data migration pipelines, and third‑party extensions.
- Ensure secure data movement, encryption, retention, and cross‑system access governance.
Supervisory Responsibilities:
This position includes managing employees and suppliers, and coaching and mentoring junior staff, with training, orientation, qualification and development plans when required.
Other Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
- 8+ years of experience in information security, with at least 4 years in an ERP security role (SAP).
- Strong understanding of ERP architecture, modules, and data flows.
- Demonstrated expertise in access management, segregation of duties, and security monitoring for ERP systems.
- Experience with security frameworks and regulatory standards (e.g., SOX, GDPR, ISO 27001).
- Relevant certifications such as CISSP, CISM, or SAP Security are highly desirable.
- Experience implementing automation and AI related to ERP Security frameworks
- Excellent analytical, problem-solving, and communication skills.
- Ability to work collaboratively across technical and non-technical teams.
Travel: <20%
Global Competencies
When we exhibit our values of Patients First, Driving Excellence, Bold Ingenuity, and Collaborative Spirit, through our twelve global competencies below, we help get more affordable medicines to more patients around the world.
- Fosters Teamwork
- Provides and Solicits Honest and Actionable Feedback
- Self-Awareness
- Acts Inclusively
- Demonstrates Initiative
- Entrepreneurial Mindset
- Continuous Learning
- Embraces Change
- Results-Oriented
- Analytical Thinking/Data Analysis
- Financial Excellence
- Communicates with Clarity
We are proud to be an equal opportunity employer. BeOne does not discriminate on the basis of race, religion, color, sex, gender identity, sexual orientation, age, disability, national origin, veteran status or any other basis covered by appropriate law. All employment is decided on the basis of qualifications, merit, and business need.