Senior IT Security Officer

We help the world run better
At SAP, we keep it simple: you bring your best to us, and we'll bring out the best in you. We're builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what's next. The work is challenging – but it matters. You'll find a place where you can be yourself, prioritize your wellbeing, and truly belong. What's in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed. 

What you’ll build: 

As a IT Security Officer of ECS Partner Management – Parter Center of Expertise (PCoE) team, he/she ensures the organizational orchestration of the partners’ delivery procedures into the SAP ECS standard operations. He/She works as an interface between SAP’s Customer Engagement team and the Technical Project Managers to ensure smooth cloud security operations of SAP ECS Partner managed cloud landscape and problem management to enhance the future values of SAP Enterprise Cloud Services.

As a IT Security Officer you are responsible for the following tasks:

• Managing IT security and compliance topics of partner-delivered engagements ensuring partners understand SAP ECS security expectations and shared responsibility models.
• Solving real-world security incidents and compliance issues on service delivery while having a firm understanding of the contractual obligations, legal aspects, process & operational know-how with responsibility for security incident response (IR), root cause analysis (RCA), post-incident corrective actions, and crisis communication with partners and SAP stakeholders with responsibility for security incident response (IR), root cause analysis (RCA), post-incident corrective actions, and crisis communication with partners and SAP stakeholders.
• Perform a detailed review of the vulnerability scanning, penetration test, hacker simulation, and audit reports, prioritize and execute follow-up actions based on assessing the risks associated with audit findings and recommendations covering reviews of security processes for premium suppliers.
• Support partner security tool integration (e.g., FRUN monitoring, vulnerability and patch management tools, SIEM integration, etc.) as well as IAM, least privilege, privileged access controls, encryption, key management, and data protection mechanisms in cloud environments.
• Managing the relations with partners and the customer-facing teams at SAP while also providing security guidance, onboarding, enablement, and supporting partner security maturity improvements over time.
• Responsible to devise innovative solutions after analyzing customer scenarios/requests with focus on secure cloud architecture, defense-in-depth strategies, and data protection requirements.
• Manage documentation of ECS Partner delivery security process and governance spanning continuous updates based on incidents, audits, and regulatory changes.
• Ensure the alignment with all relevant units (e.g. Customer, Partner, SAP Global Partner Delivery Director, ECS Partner Operations Management, ECS Partner Center of Expertise, Enterprise Cloud Success Manager, SAP Global Security, etc.), and facilitating coordination on regional security and compliance requirements.
• Become a single point of contact for IT security, compliance related topics and service delivery, being in continuous alignment with the partner and customer acting as crisis coordinator and escalation owner.
• Conduct the last line of defense for the ECS customer-facing unit for partner-delivered customer escalations for security and compliance topic driving incident containment and recovery leadership.
• Support continuous improvements for ECS partner delivery and operation processes based on critical customer feedback leveraging security incidents, audits, and partner maturity assessments.
• Deliver onsite presence to the partner/customer site to ensure effective and successful project delivery.
• Facilitate customers and partners on region-based security laws, regulatory requirements, and data residency obligations.

What you bring:

• Good understanding of the NIST Cybersecurity Framework and SAP Cloud Security Baselines.
• Good understanding of SAP HANA and SAP Cloud technology, cloud security architecture, defense-in-depth, and shared responsibility models.
• Good knowledge of Security Information and Event Management (SIEM) systems, incident monitoring, and alert handling.
• Fair knowledge on SAP BASIS skills – SWL Tools, Migrations, Upgrade/Updates and technical understanding of cloud network security design, IAM concepts, least privilege, and secure network connectivity.
• Experience securing and accrediting cloud / hyper-scaler hosted systems and services, including encryption, key management, and data protection controls.
• Total years of industry experience: 8 to 9 years.
• Minimum of 2–3 customer-facing experiences on incident management, crisis communication, and de-escalations.
• Team player, proactive networking attributes, results and execution focused, with strong stakeholder and partner management skills.
• Fluent in English – Any other language is a plus.
• Scripting skills and configuration know-how for security tools (SIEM, IDS, scanning, etc.) is a plus.
• Technical security certifications such as ISO 27001, CISSP, CAP, CISA, or similar is a plus.

Where you belong: 

Within the Customer Services and Delivery board area, the mission of the Enterprise Cloud Services (ECS) organization is to Run Customers on Cloud, Simplify Cloud Consumption and Ensure reliability with high Customer Satisfaction. Within this organization the Partner Management organization is ensuring the successful delivery for our SAP Private Cloud partner-delivered engagements and managing the whole lifecycle from partner strategy over partner relationship management to technical project management.

The Partner Management Organization has the following priorities:

• Build and operate a world-class, efficient and reliable organization to support our partner-delivered customers' journey toward their next-generation business                
• Help SAP customers realize the innovation power of SAP HANA and the SAP  Cloud on a continuous basis
• Accelerate innovations on the SAP HANA platform (SAP Business Suite powered by SAP HANA, industries, and high value apps)
• Ensure the provisioning of system landscapes, installation of applications, and performance of upgrades & migrations by partners
• Provide project management and technology consulting for all partner-delivered ECS Projects
• Act as the main interface to the customer project team to ensure effective communication

#SAPECSCareers

Bring out your best
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.  

We win with inclusion
SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better world.

SAP is committed to the values of Equal Employment Opportunity and provides accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com.

For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity,  gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability, in compliance with applicable federal, state, and local legal requirements.

Successful candidates might be required to undergo a background verification with an external vendor.

AI Usage in the Recruitment Process

For information on the responsible use of AI in our recruitment process, please refer to our Guidelines for Ethical Usage of AI in the Recruiting Process.

Please note that any violation of these guidelines may result in disqualification from the hiring process.

Requisition ID: 441864  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Professional  | Employment Type: Regular Full Time   | Additional Locations:  #LI-Hybrid