Job description

The role is responsible for embedding security-by-design across Chalhoub Group’s SAP S/4HANA ERP Transformation Program, ensuring ERP security architecture, controls, and processes align with Group Information Security principles and integrate with Group Security Operations for continuous monitoring, incident management, and risk mitigation. Key duties include developing and maintaining ERP-specific security architecture standards and guidelines, establishing security architecture blueprints for SAP applications and cloud services across S/4HANA, BTP, Integration Suite, and Azure, and overseeing secure configuration and hardening of SAP platforms including S/4HANA, Fiori, CAR, EWM, Ariba, IAG, Solution Manager, BTP, and Integration Suite. The position conducts Security Impact Assessments, Threat Modeling, and Risk Assessments across SAP SuccessFactors, SAP Ariba, SAP S/4HANA, and other ERP modules, defines and oversees application, database, network, IAM, and secure configuration controls, and ensures integration with Group Security Operations for threat detection, logging, monitoring, SIEM integration, and incident response readiness. Responsibilities include embedding secure development and change practices into programme delivery, evaluating third-party add-ons for compliance with Group security requirements, acting as the programme’s primary security authority, partnering with IAM, Infrastructure, Basis, Application, and Cloud Security teams, translating regulatory and compliance requirements such as SOX and GDPR into ERP controls, managing SAP Security Notes cadence and hardening baselines, supporting audits and compliance assessments, ensuring alignment with governance forums, and delivering security awareness and secure usage training for ERP stakeholders.