Senior Security Compliance Domain Advisor - Security Compliance Office Job

Job Description

Requisition ID: 263880
Work Area: Information Technology
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time

COMPANY DESCRIPTION

SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

SUMMARY

Within the SAP Global Security (SGS) organization the department “Security Compliance Office” (SCO) is globally responsible for the Compliance Framework for SAP ́s cloud and IT delivery units (incl. SAP S/4HANA cloud, SAP HANA Enterprise Cloud, SAP Cloud Platform, SAP Ariba, or SAP SuccessFactors, to name just a few) as well as for related security compliance demand topics. SCO provides strategic cloud compliance direction and advisory services to enable SAP to be the best-run Enterprise Cloud Company. SCO acts as the trusted partner & advisor to SAP’s cloud delivery and IT units for all security compliance matters. SCO further acts as single point of contact for SAP’s external auditor and is owner of the audit engagement. The following teams are part of SCO:

• Operations Office
• Competence Center
• Product & Service Certification
• Validation, Assessments & Audits
• Service Continuity Management

The primary objectives of SCO are to advise SAP ́s cloud delivery and IT units on obtaining and maintaining local and global compliance and regulatory obligations to generate trust through compliance.

THE ROLE

You will support harmonization of controls to improve the internal control framework of SAP Cloud Units, and support SAP Cloud and IT Units reaching Attestations and Certifications (e.g. SOC, ISO). You will also support and coordinate internal and external audits for cloud and IT units, evaluate and identify opportunities of potential Information security and privacy impacts, and support areas such as Supplier Compliance Management, Data Protection and Privacy Laws, Compliance Monitoring, and Compliance Readiness.

Based on business requirements the Senior Security Compliance Domain Advisor will be appointed to the Product & Service Certification Team and will contribute to run the core elements of SCO’s audit program. The role supports SCO in improving its Multi-dimensional Compliance Framework, leveraging synergies between SAP cloud and IT delivery units as well as streamlining the external audit management and execution process. Further, the role would participate in ongoing projects and initiatives aiming to streamline the audit management and execution processes within SCO as well as the SAP cloud and IT delivery units.

If chosen, you should bring a demand for a challenging position in a thriving environment with the chance to develop your own ideas as this team practices a trust-based working model.

ROLE REQUIREMENTS

Required Skills:

• At least 3-5 years’ professional experience in Security Compliance (IT Audit, Risk, Compliance, IT Operations).
• Experience in auditing practices and methodology (audit preparation, execution, and reporting) as well as advanced knowledge in IT enterprise operation and IT infrastructure technologies
• Advanced knowledge of common Certification Standards for IT Security, Business Continuity & Quality Management (e.g. ISAE 3000/ISAE 3402 (SOC 1/SOC 2), ISO 27001, ISO22301, ISO 9001, C5)
• Strong communication and presentation skills in English
• Analytical capabilities and ability to challenge complexity
• Proactive behavior, result orientation & execution focus, high willingness to learn and the ability to drive in challenging projects

Preferred skills:

• Knowledge or certification in leading practices for IT processes and controls (e.g. ITIL, COBIT)
• Experience in implementing industry specific IT compliance requirements (GxP, HIPAA, etc.)
• ISO 27001 Lead Auditor or CISA certification is an advantage
• German language skills are an advantage

#SAPSecurityCareersSGS

#WorkWithMaxx

WHAT YOU GET FROM US
Success is what you make it. At SAP, we help you make it your own.
A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team. (Americas: [email protected] or [email protected] , APJ: [email protected] , EMEA: C [email protected] ). Requests for reasonable accommodation will be considered on a case-by-case basis. Successful candidates might be required to undergo a background verification with an external vendor.

EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.

Successful candidates might be required to undergo a background verification with an external vendor.
Additional Locations: