Are You Ready to Make It Happen at Mondelēz International?
Join our Mission to Lead the Future of Snacking. Make It Uniquely Yours.
You work with the information security team as a competent and experienced information security and compliance leader.
How you will contribute
You will assess information security risks in line with internal policies and external best practices and determine requirements how to secure Mondelēz International information and IT assets. In addition, you will develop security standards and policies; advise technical teams when developing relevant procedures or have operational security questions; review and consulting them on compliant and effective use of common tools. You will also keep business stakeholders apprised on the overall security and compliance roadmap, provide training on information security to appropriate teams, and develop security strategies, architectures and roadmaps across process and technologies.
What you will bring
A desire to drive your future and accelerate your career. You will bring experience and knowledge in:
- Information security, compliance and risk management
- Understanding security solutions and their applicability to Mondelēz International
- Developing security strategies, awareness campaigns, policies/standards, and governance
- Communicating effectively with technical specialists, leaders and peers
- Commercially astute
- Leadership and people management skills
More about this role
SAP Security Sr. Platform Manager is responsible to provide strategic and operational leadership across SAP Security and GRC functions, ensuring a secure, compliant, and well-governed technical landscape spanning S/4HANA, BTP, Fiori, and all integrated systems within the RISE with SAP ECC environment. This SME manages a team responsible for role design, access controls, compliance, and audit readiness across all SAP S/4HANA and integrated systems, driving role design initiatives for both greenfield and brownfield implementations while ensuring our GRC posture remains robust and audit-ready at all times.
They partner closely with SAP Functional teams, business process owners, Audit, InfoSec, Systems Integrators, and third-party technology providers to ensure secure, compliant, and scalable SAP operations. They serve as the bridge between IT Security, Internal Controls, and Internal Audit, translating technical security configurations into the language of risk, compliance, and business assurance. This is not a purely technical role. While deep hands-on SAP security expertise is essential, the ideal candidate will bring executive presence, cross-functional influence, and the ability to lead teams through complex transformation programs while maintaining a strong control environment.
Role Details:
Security Design, Architecture & Role Governance
- Own the SAP role design standard, including role catalog governance, the authorization concept, segregation of duties (SoD) frameworks, mitigation controls, and access request workflows, ensuring designs are clean core aligned and sustainable across the program lifecycle. This encompasses the complete spectrum of security design across S/4HANA, EWM, Fiori, BW, ECC, BTP, and other integrated platforms: building scalable role architectures, defining and configuring authorization objects at a granular level, and establishing user access controls that are both operationally practical and compliant with enterprise policy.
- Lead security workstreams in both greenfield and brownfield S/4HANA programs. Should be comfortable operating across all project phases, from blueprint and design workshops through build, testing, cutover, and hypercare and be able to make pragmatic decisions that keep transformation timelines on track without compromising security integrity.
GRC Configuration, Management & Segregation of Duties
- Own full accountability for leading SAP GRC platform operations covering Access Control (AEM, ARM, BRM, EAM), Firefighter and Emergency Access Management processes, periodic access reviews, SoD conflict analysis, and continuous controls monitoring, maintaining audit-ready posture at all times.
Audit Readiness & Compliance
- Own SOX, internal and external audit readiness for the SAP Security landscape, including access control evidence management, risk logs, mitigation plans, and remediation tracking in close partnership with Internal Audit, External Audit, and Information Security teams. This means partnering closely with control owners to ensure IT General Controls (ITGCs) and application controls within SAP are properly designed, operating effectively, and well-documented.
- Own and respond to audit inquiries with clear and complete evidence, proactively identify control gaps before they become findings, and maintain access control matrices, role-to-risk mappings, and authorization object inventories that auditors can rely on. When findings do arise, this platform manager will own the remediation roadmap and drive it to closure.
SI & Partner Governance
- Govern the security deliverables of the SI and vendor partners, ensuring secure solution design, adherence to established standards, quality of security-related work products, and timely risk escalation and remediation. They will hold partners accountable to the organization's security framework and ensure that externally delivered configurations meet compliance requirements before they enter the production landscape.
Security Architecture Partnership
- Partner with SAP Technical leadership and Solution Architects to define and maintain secure solution patterns, and security architecture aligned to the RISE platform.
Transformation & Go-Live Security Leadership
- Provide security leadership during go-lives, cutovers, system refreshes, environment provisioning, ensuring security controls are validated, access is appropriately provisioned, and risk is formally accepted or mitigated prior to each milestone.
SAP Security Sr. Platform Manager is responsible to provide strategic and operational leadership across SAP Security and GRC functions, ensuring a secure, compliant, and well-governed technical landscape spanning S/4HANA, BTP, Fiori, and all integrated systems within the RISE with SAP ECC environment. This SME manages a team responsible for role design, access controls, compliance, and audit readiness across all SAP S/4HANA and integrated systems, driving role design initiatives for both greenfield and brownfield implementations while ensuring our GRC posture remains robust and audit-ready at all times.
They partner closely with SAP Functional teams, business process owners, Audit, InfoSec, Systems Integrators, and third-party technology providers to ensure secure, compliant, and scalable SAP operations. They serve as the bridge between IT Security, Internal Controls, and Internal Audit, translating technical security configurations into the language of risk, compliance, and business assurance. This is not a purely technical role. While deep hands-on SAP security expertise is essential, the ideal candidate will bring executive presence, cross-functional influence, and the ability to lead teams through complex transformation programs while maintaining a strong control environment.
Role Details:
Security Design, Architecture & Role Governance - Own the SAP role design standard, including role catalog governance, the authorization concept, segregation of duties (SoD) frameworks, mitigation controls, and access request workflows, ensuring designs are clean core aligned and sustainable across the program lifecycle. This encompasses the complete spectrum of security design across S/4HANA, EWM, Fiori, BW, ECC, BTP, and other integrated platforms: building scalable role architectures, defining and configuring authorization objects at a granular level, and establishing user access controls that are both operationally practical and compliant with enterprise policy.
- Lead security workstreams in both greenfield and brownfield S/4HANA programs. Should be comfortable operating across all project phases, from blueprint and design workshops through build, testing, cutover, and hypercare and be able to make pragmatic decisions that keep transformation timelines on track without compromising security integrity.
- GRC Configuration, Management & Segregation of Duties
- Own full accountability for leading SAP GRC platform operations covering Access Control (AEM, ARM, BRM, EAM), Firefighter and Emergency Access Management processes, periodic access reviews, SoD conflict analysis, and continuous controls monitoring, maintaining audit-ready posture at all times.
- Audit Readiness & Compliance
- Own SOX, internal and external audit readiness for the SAP Security landscape, including access control evidence management, risk logs, mitigation plans, and remediation tracking in close partnership with Internal Audit, External Audit, and Information Security teams. This means partnering closely with control owners to ensure IT General Controls (ITGCs) and application controls within SAP are properly designed, operating effectively, and well-documented.
- Own and respond to audit inquiries with clear and complete evidence, proactively identify control gaps before they become findings, and maintain access control matrices, role-to-risk mappings, and authorization object inventories that auditors can rely on. When findings do arise, this platform manager will own the remediation roadmap and drive it to closure.
- SI & Partner Governance
- Govern the security deliverables of the SI and vendor partners, ensuring secure solution design, adherence to established standards, quality of security-related work products, and timely risk escalation and remediation. They will hold partners accountable to the organization's security framework and ensure that externally delivered configurations meet compliance requirements before they enter the production landscape.
- Security Architecture Partnership
- Partner with SAP Technical leadership and Solution Architects to define and maintain secure solution patterns, and security architecture aligned to the RISE platform.
- Transformation & Go-Live Security Leadership
- Provide security leadership during go-lives, cutovers, system refreshes, environment provisioning, ensuring security controls are validated, access is appropriately provisioned, and risk is formally accepted or mitigated prior to each milestone.
Salary and Benefits:
The base salary range for this position is $140,300 to $192,940; the exact salary depends on several factors such as experience, skills, education and location. In addition to base salary, this position is eligible for participation in a highly competitive bonus program with possibility for overachievement based on performance and company results. In addition, Mondelez International offers the following benefits: health insurance, wellness and family support programs, life and disability insurance, retirement savings plans, paid leave programs, education related programs, paid holidays and vacation time. Some of these benefits have eligibility requirements. Many of these benefits are subsidized or fully paid for by the company.
No Relocation support available
Business Unit Summary
The United States is the largest market in the Mondelēz International family with a significant employee and manufacturing footprint. Here, weproduce our well-loved household favorites to provide our consumers with the right snack, at the right moment, made the right way. We have corporate offices, sales, manufacturing and distribution locations throughout the U.S. to ensure our iconic brands-including Oreo and Chips Ahoy! cookies, Ritz, Wheat Thins and Triscuit crackers, and Swedish Fish and Sour Patch Kids confectionery products -are close at hand for our consumers across the country.
Mondelēz Global LLC is an Equal Opportunity Employer/Protected Veterans/Persons with Disabilities. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected Veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law. Applicants who require accommodation to participate in the job application process may contact 847-943-5460 for assistance.
For more information about your Federal rights, please see eeopost.pdf; EEO is the Law Poster Supplement; Pay Transparency Nondiscrimination Provision; Know Your Rights: Workplace Discrimination is Illegal
Job Type
Regular
Information Security
Technology & Digital
Skills Required
- Hands-on SAP security expertise across S/4HANA, ECC, BTP, Fiori, EWM, BW
- Experience leading SAP role design, authorization objects, and role catalog governance
- Experience with SAP GRC platform operations including Access Control (AEM, ARM, BRM, EAM) and Firefighter/Emergency Access Management
- Segregation of Duties (SoD) frameworks, conflict analysis, mitigation controls and continuous controls monitoring
- Proven audit readiness experience (SOX, internal and external audits), evidence management and remediation ownership
- Experience leading SAP security workstreams in greenfield and brownfield S/4HANA transformation programs (all project phases)
- Partner and vendor governance experience managing SIs and third-party security deliverables
- Ability to translate technical security configurations into risk, compliance, and business assurance language
- Developing security strategies, policies/standards, awareness campaigns, and governance
- Leadership and people management skills with executive presence and cross-functional influence
- Strong communication skills to engage technical specialists, business leaders, audit and InfoSec stakeholders
- Commercial awareness and ability to make pragmatic security decisions aligned to program timelines
Mondelēz International Compensation & Benefits Highlights
-
Retirement Support — The 401(k) program is characterized by strong company matching, with some eligible groups also receiving a base company contribution. Feedback suggests negotiated updates at represented sites have further enhanced retirement features.
-
Healthcare Strength — Coverage spans medical, dental, vision, mental‑health resources, life and disability insurance, and tax‑advantaged accounts, supported by wellness and EAP offerings. Onsite or company‑sponsored wellbeing initiatives provide additional day‑to‑day support.
-
Parental & Family Support — A published global parental‑leave standard and resources such as lactation/wellness rooms signal structured support for caregivers. Bonding leave for all caregivers and other family‑care supports are highlighted in published materials.
Mondelēz International Insights
What We Do
Mondelēz International, Inc. (NASDAQ: MDLZ) is an American multinational confectionery, food, and beverage company based in Illinois which employs approximately 90,000 individuals around the world. Our Purpose Our purpose is to empower people to snack right. We will lead the future of snacking around the world by offering the right snack, for the right moment, made the right way. Our Brands We’re leading the future of snacking with iconic brands such as Oreo, belVita and LU biscuits; Cadbury Dairy Milk, Milka and Toblerone chocolate; Sour Patch Kids candy and Trident gum. Our People Our 90,000+ colleagues around the world are key to the success of our business. Our Values and Leadership Commitments of Love our Consumers and Brands, Grow Every Day, and Do What's Right shapes our culture – what we believe in, stand for, and what guides our actions and decisions. Great people and great brands. That’s who we are. Our Strategies We are uniquely positioned to lead the future of snacking with strong leadership in our categories, an unparalleled portfolio of global and local brands, and a solid footprint in fast-growing markets. Aimed at delivering sustainable growth, our strategic plan is centered around three strategic priorities: • Growth: accelerate consumer-centric growth • Execution: drive operational excellence • Culture: build a winning growth culture
Why Work With Us
We offer passionate, energetic and curious people a huge choice of careers in our fun, fast-paced, global business. We operate in four regions: Asia, Middle East & Africa; Europe; Latin America; and North America. And in over 80 countries our people are united in a common purpose to empower people to snack right.
Gallery
Mondelēz International Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
#TeamMDLZ Flexible Working Pledge: We Trust each other to work flexibly and productively We show Empathy, encouraging belonging and connection We are Mindful of making space and taking time