SAP IT Security Manager

Department:  Information Technology
City:  Leeds
Country:  GB


Founded in 1856, Burberry today remains quintessentially British, with outerwear at its core.  Digital luxury positioning and intensive focus on design innovation, quality and heritage icons ensure continued brand purity and relevance globally across genders and generations. Burberry believes that in order to be a great brand it must also be a great company and constantly leverages the energy of its compassionate and creative thinking culture to continually innovate and drive the brand forward. Headquartered in London, Burberry is a design, marketing and retail led business with a global reputation for innovative product design, digital marketing initiatives and dynamic retail strategies.


The SAP Security Manager’s main responsibilities include working with the business and IT to ensure the department are aligned to the strategic direction of the function. To create a set of metrics to be agreed with the SAP Technical Lead and Director of SAP / SAP Core Lead with which to measure the performance of the SAP Security team. To ensure policies, procedures and standards are kept contemporary and executed as documented. To work with the SAP Security Offshore Lead to highlight (as per the metrics) skills deficiencies and promote the correct level of expertise within the function. To assess future projects and help in the initial phases of blueprinting and high-level design and to develop and monitor progress against a roadmap.


  • Approve Security changes
  • Carry out detailed / high level design
  • Review GBR / SoD reports and take action
  • Delegate work to the offshore team
  • Manage escalations
  • Update roadmap
  • Manage ticket closure targets
  • Manage communications for stakeholders
  • Build / shape team, manage performance
  • Report into management on progress
  • Liaise with external / internal auditors to agree scope and schedule of audits
  • Responsibility for finding resolutions to audit issues
  • Liaise with Financial Governance and IT Assurance to identify and remediate risks
  • Work with offshore team lead to plan, schedule work
  • Build reporting capability to report to management
  • Manage partner relationship
  • Review approve documentation / processes


  • SAP knowledge and understand standard ABAP Security concepts as well as BW, Analysis, Structural and Portal technologies
  • Some project management skills preferable; Prince 2 or Agile practitioner
  • ISACA CISA, CISM, PAS 555 or ISO/IEC 27001 qualifications preferable as well as exposure to GDPR impacts
  • DevSecOps experience or awareness preferable
  • Understanding of SAP Security including:
    • Diagnosing technical errors efficiently and accurately
    • Remediation for all IT risk, governance, and segregation of duties related projects and ongoing maintenance in these efforts
    • Performing licensing audits using the License Administrators Workbench
    • SAP GRC Access Controls v5.3 and 10.0 implementation and/or upgrade experience
    • Experience in SAP GRC modules ARM, PC, EAM essential
    • Interpretation of business requirements and translation into technical requirements
    • Reviewing implementations /changes / builds for build quality
    • Understanding of emerging technologies such as HANA S/4, HANA Cloud applications, Fiori UI5, cursory understanding of JSON and SOA
  • Industry expertise to include
    • Working closely with the functional experts on-shore to propose / implement best practice methodology
    • Working with Risk and Governance teams (as a key stakeholder) to ensure that they are involved and business requirements are considered and addressed in a timely fashion
    • Understanding of SOX, JSOX and ITIL
  • Ability to take technical language and articulate issues, technical limitations and potential solutions in language non-technical audiences can understand.
  • Manage and chair meetings within the SAP Security Team, the wider SAP Team, Financial Governance, Audit or more senior members of staff (potentially senior manager)
  • Report to the SAP Technical Lead on performance of SAP Security Team against agreed metrics (see above)

Job Segment: SAP, ERP, Manager, Marketing Manager, ABAP, Technology, Management, Marketing