This website is not affiliated with, sponsored by, or approved by SAP AG.

Director of Global IT Security Opportunity with AGCO

SAP job related postings only ( For registered users only)

Moderators: rtella, Snowy, thx4allthefish

Director of Global IT Security Opportunity with AGCO

Postby MattODonnell » Wed Dec 04, 2013 6:21 pm

Job Summary:

The Director of Global IT Security is accountable for developing and leading the AGCO IT Security Program, with the overall goal of ensuring the data integrity and information systems security positions for all Information Technology functions. The scope includes SAP User Access Management, IT Compliance Program, Application Security and Access Management, Security Awareness Program, and End Point Security functions.

The Director of Global IT Security works in tandem with Infrastructure Operations Managers, Regional IT Directors, Regional Compliance Managers to ensure that the IT security policies, procedures & standards are implemented as required by each region and that they adhere to the overall IT Control & IT User standards.

This posiiton will maintain and communicate the AGCO IT security policies, procedures, and standards are application strategy and architecture perspective.

The major objective of the Global IT Security Program is to reduce the risk for major disruptions to our systems that control & manage our supply chains, and therefore protect our ability to produce, distribute & sell our products.


This role owns the overall accountability for AGCO Information & Technology Security. This includes but is not restricted to the following area’s:-
SAP User Access Management processes, tools, and resources
Infrastructure / Network perimeter security
Application code security guidelines
Extended perimeter as we seek to extend our connectivity up and down supply chains
Security of outsourced applications / 3rd party hosted systems
Security of outsourced business processes / arrangements
Security of information and data
Determine current and future security requirements, tools and techniques to be adopted by the enterprise and devise appropriate roadmaps for their implementation

Quarterly Security Reporting Updates
Provide education and promote awareness to AGCO colleagues globally with regards to IT security issues. Awareness & education are critical to improving the overall security stance by ensuring employees understand the importance of protecting AGCO data and intellectual property.

Awareness Campaigns
Manage the IT Compliance program and responses to both internal and external audits. Follow up with Regional and Corporate IT teams to resolve identified issues and prevent future issues through continuous improvement practices. Track all issues to resolution.

Annual Audit
Develop and manage an enterprise IT Security Incident & Reporting process. Improve daily operational security processes by identifying root causes and gaps through this process.

Global Incident and Problem Management
Ensure that operational security activities are periodically undertaken by the various parties involved in ensuring our applications, environments, networks, data & business processes are secure. The kind of activities should include (but not limited to):-
Code reviews
Penetration testing (both technical and via social means)
Ethical hacking
Network and application security reviews
Vulnerability assessments

Quarterly Security Reporting Updates
Nature and Scope:

IT Security is essential in protecting AGCO’s assets, data, and intellectual property. This function serves as the practitioner and implementer of policies, standards and tool design to minimize risk in keeping these areas secure
Ensure that security programs are in compliance with applicable laws, regulations and policies to minimize or eliminate risk and audit findings. (Examples of applicable laws and regulations include the Sarbanes-Oxley Act, the Graham-Leach-Bliley Act and the Health Insurance Portability and Accountability Act.)
Using the ANZA - IT Security Meeting’s InfoSec scorecard as a basis, the Security Director will work with the Regional Compliance teams to create a consistent method for the recording & reporting of security incidents. The content of such a report should include (but not be limited to):-
Network intrusion detection events (both external & internal)
Internal / external fraud
virus activity
spam volumes
inappropriate use of web / e-mail / web2.0 technologies
Professional certification, such as a CISSP, CISM, CISA or other information security credentials, is preferred.
Knowledge of security and control frameworks, such as ISO 17799, COBIT, COSO and ITIL.
Strong knowledge of SAP Security and User Access Management practices and tools.
Experience with IBM mainframe, UNIX, Windows environments and associated IT security demands.
Perimeter Security and Intrusion detection technologies and methodologies
Management Responsibility:

Will set annual objectives and measures for the Global IT Security Services team, comprised of SAP Security, IT Compliance, and End Point Security functional groups.
Supervise, hire, develop, and coach individuals within the team, including performance improvement plans when necessary.
Budget planning and authority for cost of services pertaining to the Global IT Security services and staff.

Bachelors degree in business management, computer science or related field of study or equivalent experience
Qualifications and Experience:

Bachelors degree in business management, computer science or related field of study or equivalent experience
Strong team player that is resilient in the pursuit of win-win solutions
Strong knowledge of compliance and validation procedures within a data center environment
3 – 5 years experience in ITIL methodology of Change, Incident & Problem management
5 – 7 years experience managing in a IT Security Services organization
5 – 7 years experience managing an enterprise SAP Security organization.
Experience working across multiple functional IT areas
Strong communication skills with the next level of IT and Internal Audit leadership
Ability to work in a virtual team environment across global time zones
Experience in a manufacturing environment desired
Able to travel up to 25% if required (domestic and international)
Travel Required

Must be able to travel up to 25% if required (domestic and international)

Follow the link to apply:

Email me at matthew.o' if you have any questions.
Posts: 1
Joined: Wed Dec 04, 2013 6:16 pm

Return to Job Postings/Resumes

Who is online

Users browsing this forum: Exabot [Bot] and 5 guests

This website is not affiliated with, sponsored by, or approved by SAP AG.