Senior Manager - Cyber Risk and SAP Compliance

Role Responsibilities

Strategic Risk Leadership
• Define and execute the enterprise cyber risk management strategy aligned to business objectives
• Establish risk appetite alignment and support leadership in risk-based decision making
• Maintain and evolve the enterprise cyber risk register, taxonomy, and reporting framework
• Provide regular risk posture updates and actionable insights to executive stakeholders

Governance & Framework Alignment
• Lead the design, implementation, and continuous improvement of the GRC operating model
• Ensure alignment with global standards including ISO 27001, NIST CSF, NIST 800-53, COBIT, and SOX
• Develop and maintain security policies, standards, and procedures across the organization
• Drive maturity assessments and roadmap development for cybersecurity governance

Regulatory Compliance & Assurance
• Oversee enterprise compliance programs including SOX IT controls, ITGC, and regulatory requirements
• Direct audit readiness activities and serve as primary interface for internal and external auditors
• Manage control deficiency remediation and continuous control improvement
• Monitor emerging regulatory requirements and ensure proactive compliance readiness

Third-Party & Supply Chain Risk
• Assess vendor security posture and drive risk mitigation strategies
• Partner with Procurement and Legal to embed security requirements into contracts
• Provide oversight of critical suppliers supporting business operations

Access Risk Governance
• Oversee access governance across enterprise systems, including SAP GRC controls
• Ensure robust Segregation of Duties (SoD), User Access Reviews (UAR), and privileged access management
• Advise on identity risk strategies for cloud and digital transformation initiatives

Business Resilience & Critical Asset Protection
• Ensure alignment with disaster recovery and business continuity planning
• Support resilience testing and preparedness activities

Risk Advisory & Transformation Support
• Provide cyber risk advisory for strategic initiatives, new technologies, and digital programs
• Evaluate security implications of architectural and operational changes
• Support threat prioritization and risk treatment planning

Security Culture & Awareness
• Drive enterprise-wide security awareness initiatives and behavioral change programs
• Promote accountability for risk ownership across business units
• Champion a strong security culture across the organization

Stakeholder & Leadership Engagement
• Act as a trusted advisor to senior leadership on cyber risk posture and mitigation strategies
• Collaborate with IT, Engineering, Legal, Privacy, Compliance, and business leaders globally
• Influence decisions without direct authority across a matrixed organization.

Qualifications

Desired Qualifications:

• Master's degree in information technology/Cybersecurity/Information Security, or related field
• 10+ years of progressive experience in Cyber Risk, IT Audit, Compliance, or GRC leadership roles
• Demonstrated experience building, scaling, or transforming enterprise GRC programs
• Experience with enterprise GRC platforms (e.g., KnowBe4, ServiceNow, OneTrust, LogicGate, SAP GRC)
• Deep expertise in multiple security frameworks and regulatory environments
• Proven ability to manage complex audits and executive-level reporting
• Strong strategic thinking combined with operational execution skills
• Excellent stakeholder management across technical and non-technical audiences
• Security certifications preferred (e.g., CISA, CISSP, CRISC)
• Strong analytical and technical documentation skills

Job Segment: Supply Chain Manager, SAP, Compliance, Supply Chain, Marketing Manager, Operations, Technology, Legal, Marketing

Client-provided location(s): Gurgaon, India

Job ID: Beam_Suntory-1380818700

Employment Type: OTHER

Posted: 2026-04-09T19:33:26