Share this Job

Title:  Director, IT Risk Management, Application Security

Requisition ID:  16077-159

Atlanta, GA, US, 30328

Category:  Information Technology
Travel:  Up to 25%



The Director, IT Risk Management, Application Security is a senior-level position responsible for owning the operational delivery and execution of application security controls for Graphic Packaging on an enterprise level. This role requires a candidate with strong leadership, process orientation, problem solving and security focus. The responsibilities are carried out through leading and directing a team that executes both the build responsibilities for our SAP application programs as well as the day to day run execution of GPI’s application security portfolio inclusive to SaaS and on prem services. This individual ensures the employees, budget, contractors, and plans are aligned to deliver key application security commitments.

This position has a high amount of responsibility for deploying secure solutions across the Graphic Packaging application landscape and for working with the business and Information Security cross-functional teams to deliver. This is a customer-facing role that requires experience with both Information Security and Customer Relationship building.


POSITION RESPONSIBILITIES: Principal Duties and Responsibilities: five to eight key responsibilities/activities for which the position is accountable:


  • Consult closely with the various business unit finance and accounting management teams to support business plans and objectives through the identification, evaluation and prioritization of opportunities to leverage the Company’s IT investment. The position will also work with the various business units to improve processes through improved utilization of information management. Develop and manage a strategic plan to utilize and develop actionable information in support of BU financial objectives and strategies.
  • Establish and manage the various GPI SAP Security projects, processes and support functions and to ensure effective and efficient procedures and programs are in place according to the Corporate IT policies and strategies. For this purpose, the position holder initiates, guides, organizes, plans and coordinates all activities at GPI in the application security information management area, including decisions regarding resource management and allocation, project planning and control, quality assurance, employee management, employee development and personnel issues.
  • In coordination with the finance and accounting business unit leaders and the IT PMO office, prepare, gain acceptance, and control plans and programs which will achieve IT and business short- and long-term Information Security objectives. Promote all IT policies and plans in concert with GPI BU opportunities and objectives.
  • Initiate, lead and participate in projects on a corporate level which are aimed at internal IT development and improvement initiatives.
  • Regularly prepare management reports and participate in Steering Committee meetings as required.
  • Leverage data analytics to define strategic approach to mitigate application security risks exposed.
  • In coordination with IT Operations and other global entities, ensure DATA CLASSIFICATIONS are established and being applied to critical data sources.
  • Work with finance and business unit teams to execute application security M&A integration plans. This includes interface development, testing, cut-over and conversion efforts in addition to steady state support.
  • Work with internal and external audit and compliance teams to ensure GPI meets any SEC/SOX/Regulatory requirements.
  • Work with business and IT leads to ensure applicable master data standards are maintained.
  • Work with business unit to execute and lead SAP Security for planned SAP rollouts and other related projects.


  • Work as an Information Security knowledge expert on initiatives for other SaaS, IaaS projects.


  • Other work as assigned.


POSITION SPECIFICATIONS:  List minimum level of education, special training, certifications, or technical skills/experience required for this position.


  • Expert knowledge with at least 6-10 years’ experience in project management and business process management. Experience in information technology related field required.
  • 5 plus years’ experience with Enterprise-class applications. Experience with design, configuration and support of SAP and other application classes implementations.
  • Substantial knowledge of finance and accounting business functions, processes and supporting technology in an industrial company. Specific business experience with finance and accounting functions a plus.
  • Position holder is experienced in information and data management and business/process improvement. This individual must have excellent communication abilities and experienced in project management and leading teams.

Required Experience



 At Graphic Packaging International (NYSE: GPK), we produce the box you may have poured your child's cereal from this morning, the microwaveable tray that heated your lunch, the paper cup that held your coffee throughout the day, and the carrier of those bottles of craft beer you may enjoy tonight! We're one of the largest manufacturers of paperboard and paper-based packaging for some of the world's most recognized brands of food, beverage, foodservice, household, personal care and pet care products. Headquartered in Atlanta, Georgia, we are a team of collaborative, innovative, passionate individuals who are committed to providing consumer packaging that makes a world of difference. 

With almost 18,000 employees working in more than 70 locations in North and South America, Europe and the Pacific Rim, we strive to be an environmentally responsible leader in our industry and in the communities where we operate. We are committed to workplace diversity and offer compensation and benefits programs that are among the industry's best to reward the talented people who make our company successful. 

If this sounds like something you would like to be a part of, we'd love to hear from you. Learn more about us at www.graphicpkg.com.

Inspired Packaging. A World of Difference. 


Graphic Packaging is an Equal Opportunity Employer. All candidates will be evaluated on the basis of their qualifications for the job in question. We do not base our employment decision on an employee's or applicant's race, color, religion, age, gender or sex (including pregnancy), national origin, ancestry, marital status, sexual orientation, gender identity, genetic identity, genetic information, disability, veteran/military status or any other basis prohibited by local, state, or federal law. Click here to view the EEO is the Law Poster

Nearest Major Market: Atlanta

Job Segment: Risk Management, Manager, ERP, Law, Developer, Finance, Management, Technology, Legal