Apply Now

Director, IT Risk Management, Application Security

Atlanta, GA, USA | Graphic Packaging International

  • Industry:
    Logistics, Freight, Packaging, & Warehousing
  • Position Type:
  • Functions:
    Risk Management
  • Experience:
    7-10 years
Job Description:
55 people have viewed this job

The Director, IT Risk Management, Application Security is a senior-level position responsible for owning the operational delivery and execution of application security controls for Graphic Packaging on an enterprise level. This role requires a candidate with strong leadership, process orientation, problem solving and security focus. The responsibilities are carried out through leading and directing a team that executes both the build responsibilities for our SAP application programs as well as the day to day run execution of GPI’s application security portfolio inclusive to SaaS and on prem services. This individual ensures the employees, budget, contractors, and plans are aligned to deliver key application security commitments.

This position has a high amount of responsibility for deploying secure solutions across the Graphic Packaging application landscape and for working with the business and Information Security cross-functional teams to deliver. This is a customer-facing role that requires experience with both Information Security and Customer Relationship building.


Principal Duties and Responsibilities: five to eight key responsibilities/activities for which the position is accountable:

  • Consult closely with the various business unit finance and accounting management teams to support business plans and objectives through the identification, evaluation and prioritization of opportunities to leverage the Company’s IT investment. The position will also work with the various business units to improve processes through improved utilization of information management. Develop and manage a strategic plan to utilize and develop actionable information in support of BU financial objectives and strategies.

  • Establish and manage the various GPI SAP Security projects, processes and support functions and to ensure effective and efficient procedures and programs are in place according to the Corporate IT policies and strategies. For this purpose, the position holder initiates, guides, organizes, plans and coordinates all activities at GPI in the application security information management area, including decisions regarding resource management and allocation, project planning and control, quality assurance, employee management, employee development and personnel issues.

  • In coordination with the finance and accounting business unit leaders and the IT PMO office, prepare, gain acceptance, and control plans and programs which will achieve IT and business short- and long-term Information Security objectives. Promote all IT policies and plans in concert with GPI BU opportunities and objectives.

  • Initiate, lead and participate in projects on a corporate level which are aimed at internal IT development and improvement initiatives.

  • Regularly prepare management reports and participate in Steering Committee meetings as required.

  • Leverage data analytics to define strategic approach to mitigate application security risks exposed.

  • In coordination with IT Operations and other global entities, ensure DATA CLASSIFICATIONS are established and being applied to critical data sources.

  • Work with finance and business unit teams to execute application security M&A integration plans. This includes interface development, testing, cut-over and conversion efforts in addition to steady state support.

  • Work with internal and external audit and compliance teams to ensure GPI meets any SEC/SOX/Regulatory requirements.

  • Work with business and IT leads to ensure applicable master data standards are maintained.

  • Work with business unit to execute and lead SAP Security for planned SAP rollouts and other related projects.

  • Work as an Information Security knowledge expert on initiatives for other SaaS, IaaS projects.

  • Other work as assigned.


List minimum level of education, special training, certifications, or technical skills/experience required for this position.

  • Expert knowledge with at least 6-10 years’ experience in project management and business process management. Experience in information technology related field required.

  • 5 plus years’ experience with Enterprise-class applications. Experience with design, configuration and support of SAP and other application classes implementations.

  • Substantial knowledge of finance and accounting business functions, processes and supporting technology in an industrial company. Specific business experience with finance and accounting functions a plus.

  • Position holder is experienced in information and data management and business/process improvement. This individual must have excellent communication abilities and experienced in project management and leading teams.

Other companies hiring with Ivy Exec

 Company Logos