Job Description

Required experience and qualifications:

• 10 Years or more experience in application design and understand systems architecture.
• A relevant 3-year degree or equivalent (NQF Level 7)
• Proof of successful implementation of minimum 4 ERP projects.

Key responsibilities:

• Define and implement ERP security policies, standards, and best practices.
• Conduct security risk assessments on ERP infrastructure and applications.
• Develop risk mitigation strategies and security controls.
• Define role-based access control (RBAC) and user privileges.
• Ensure segregation of duties (SoD) in ERP roles to prevent fraud.
• Work with ERP architects to design a secure system architecture.
• Ensure ERP compliance with industry standards (ISO 27001, NIST, GDPR, POPIA, etc.).
• Conduct security audits and penetration testing.
• Oversee encryption of sensitive ERP data (at rest and in transit).
• Implement data masking and anonymization where needed.
• Define and enforce data retention and disposal policies.
• Monitor security logs for ERP-related threats.
• Implement Security Information & Event Management (SIEM) tools.
• Lead response to security incidents, breaches, and vulnerabilities.
• Ensure secure API connections between ERP and third-party applications.
• Educate teams on ERP security best practices.
• Conduct phishing simulations and security drills.
• Establish a culture of security-first thinking across departments.
• Perform vulnerability assessments and penetration testing.
• Ensure patches and security updates are applied regularly.
• Work with auditors to provide evidence of security controls.
• Maintain security policies, incident logs, and compliance reports.
• Document lessons learned from security incidents and improved response plans.
• Monitor ERP security post-deployment.
• Continuously improve ERP security based on threat intelligence.
• Adapt security strategies to evolving cyber threats.

ExecutivePlacements.com