At GameStop, we are committed to providing exceptional service and delivering the latest and greatest in gaming products to our customers. As a leading global retailer of video games, electronics, and gaming merchandise, we take pride in offering a wide range of products that cater to the needs and desires of gamers worldwide. Our mission is to create unforgettable experiences for our customers by constantly pushing the boundaries of what's possible. Whether you're a hardcore gamer or just starting out, we've got something for everyone. Join us in our mission to shape the future of gaming and bring the best gaming products to the world!
Summary of Duties: Oversee management and execution of the Enterprise Security Program and Team, including: SAP security, governance, and operational support, Enterprise application security and integrations with ERP landscape, IT systems resiliency, continuity, and disaster recovery, and Cyber security capabilities in alignment with the wider Office of the CISO program. Support and advise as a member of the Office of the CISO’s senior leadership team. Develop strategic plans, roadmaps, and projects in-line with business priorities. Report on program status and key performance indicators (KPIs). Personnel development across SAP, security, and resiliency disciplines. Ensure team success through organizational, functional, and team alignment towards team mission and objectives. Follow and adhere to the GameStop change management processes and standards. Oversee the team responsible for the installation, monitoring, management, and performance tuning of SAP environments; development of test cases, performance of unit testing, troubleshooting and issue resolution of GRC functions for SAP; reviewing and implementing OSS notes and security patches; maintaining detailed documentation of user, role, and system changes for audit purposes; configuring of SAP GRC capabilities to meet business requirements; and providing ongoing support and troubleshooting for SAP access and process controls. Provide leadership, guidance, and SME advice on SAP Basis and security functions to internal and external engineering and support teams by collaborating with functional teams on the design, implementation and testing of business processes. Educate, guide and reinforce the correct SAP security procedures with project teams and third-party provider teams. Ensure SOX controls compliance by designing, reviewing, and executing SAP security sector procedures. Design and implement Risk and Control Matrix and Mitigation Controls. Utilize knowledge of SOX, ITGC, COBIT, and NIST procedures. Work with business stakeholders to understand their needs and requirements, and translate these into functional specifications for ERP Security, UI Technology (Fiori), and GRC. Partner with implementation teams to support the GRC program and other security related initiatives. Design and document security administration policies and procedures. Provide advanced problem solving and technical support for security or GRC related SAP issues. Stay up to date with the latest developments in SAP GRC, security, Fiori, BTP, cloud-based Applications and IDM related technologies. Deliver on requirements for SAP SOX Audits: create and deliver monthly, quarterly, and annual audit reports. Design, maintain, and troubleshoot GRC access control workflow issues, ruleset updates, password management, and role management. Create and maintain Firefighter (EAM) processes, accounts, and assignments. Track and ensure Firefighter logs are reviewed in a timely manner. Ensure segregation of duties remains intact in all security profiles. Perform periodic self-assessments and audits of all aspects relating to SAP security within all environments. Manage the resiliency program: design and execute a program capable of preparing for and responding to disasters or disruptions of IT systems. Conduct business impact assessments and create disaster recovery/business continuity plans. Execute continuity and recovery tests. Review vendor and third-party business continuity and disaster recovery capabilities to ensure compliance with GameStop policies. Manage the vulnerability management program: support the Security Engineering and Architecture Team by managing Security assets, review vulnerability management data and conduct root cause analysis to identify gaps in patching cadences, and measure and track the effectiveness of GameStop’s overall vulnerability management posture. Support the Cyber Incident Response Team with monitoring/response. Participate in cyber security risk management and maintenance of GameStop’s risk register. Familiarity with common security tool architypes such as: SOAR, EDR, SIEM, CSPM, PAM, NGFW, WAF, and GRC platforms.
Qualifications: Position requires a Master’s degree in Cybersecurity, Computer Science, Information Technology, Information Systems, Security (any), Engineering (any), or a related field of study, AND Six (6) years of experience in the job offered or related occupation in which the required experience was gained. In lieu of Master’s degree in Cybersecurity, Computer Science, Information Technology, Information Systems, Security (any), Engineering (any), or a related field of study, AND Six (6) years of experience, the employer will also accept a Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, Information Systems, Security (any), Engineering (any), or a related field of study AND Eight (8) years of experience in the job offered or related occupation in which the required experience was gained. Applicants must also have demonstrated experience with: Two advanced certifications from the following list: CISM, CISSP, and/or CRISC; SAP security and SAP GRC, with SAP GRC functionality and configuration; SAP S/4HANA security and authorization design and development; SAP security and authorization design and development; Security for SAP PI, SAC (SAP Analytics Cloud), BPC (Business Process Controls), SAP BTP, and SAP Hana Database; Leading design discussions, requirement gathering sessions and implementation of security solutions; and UI Path for development.
Full-time store positions at GameStop are also eligible to participate in incentive programs, health benefits, paid time off, 401 (k), employee discount and a casual work environment. Positions at GameStop may also be eligible for a bonus and/or other incentives.