Information Technology

Info Security Compliance Specialist

We help the world run better

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.Apply now!  

We help the world run better

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now! 

As Info Security Compliance Specialist(m/f/d), you will act as the subject matter expert (m/f/d) within corporate functions for security risk management and related activities, as well as for all security matters.
 

Your responsibilities include but are not limited to:

  • Overseeing security risks, targeted security risks assessments and other security project reviews as identified across all aspects of SAP Global Security
  • Understanding applicable regulations, guidelines and industry best practices
  • Contributing towards the execution of SAP’s standards specific set by enterprise governance and SAP Global Security policies and procedures
  • Performing periodic security risk assessments and conduct related ongoing compliance monitoring activities
  • Reviewing security exceptions for the specific corporate function and reinforce the identification of security risks
  • Using mathematical models such as Factor Analysis of Information Risk Model (FAIR) to determine optimum investments
  • Conducting security risk assessments and advise the corporate leadership on risk reduction proposals with cost justification
  • Monitoring and enhancing the risk mitigation strategies and plans to help bring open security risks to closure
  • Working independently as well as with internal and external business partners for any third-party assessments on security functions
  • Developing and monitoring security risk metrics and provide periodic updates to the executive management on security risk and compliance efforts
  • Providing leadership, mentoring, and training to security personnel and other SAP stakeholders
  • Demonstrating proven expertise and success managing simultaneous project work streams in system security, cybersecurity controls or information security management environment, specifically on NIST domains

Your Profile:

  • Minimum of 5 years of managing IT initiatives/project management required Minimum of 5 years information security, audit, risk management, compliance or risk consulting related experience preferred
  • Experience using Governance, Risk and Compliance (GRC) tools and Factor Analysis of Information Risk Model (FAIR) preferred
  • Security certification e.g. CISSP, CISA - CRISC preferred
  • Experience with information security compliance audit frameworks and requirements e.g. NIST, COBIT, CMMI, ISO27001, FISMA, FedRAMP, SOC, SOX, PCI-DSS, GDPR and Data Privacy
  • Proven experience working in multi-functional and multi-cultural teams
  • Ability to demonstrate analytical expertise, close attention to detail, excellent conflict resolution and negotiation skills, logic, and solution orientation
  • Learn and adapt quickly with a thinking out of the box mindset
  • Excellent written and oral communication skills in English and German
  • Ability to learn and operate in a dynamic and agile environment
  • Proactive, self-managed, and able to interface well with sponsor personnel and inter-disciplinary teams across an organization

About the team:
The Risk Response & Monitoring Team is part of the SGS Security Risk & Compliance (SR&C) organization. The team provides risk-based oversight and monitoring of security issues, risks, and control enhancement across the enterprise. It enables SR&C to provide a commercial response to risk.

We build breakthroughs together

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.

We win with inclusion

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

EOE AA M/F/Vet/Disability:

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.
Successful candidates might be required to undergo a background verification with an external vendor.

Requisition ID: 342806  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Professional  | Employment Type: Regular Full Time   | Additional Locations: #LI-Hybrid.
 

Requisition ID:  342806
Posted Date:  Jun 18, 2022
Work Area:  Information Technology
Career Status:  Professional
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%
Location: 

Bangalore, KA, IN, 560066

Job alert


Job Segment: Corporate Security, Information Security, Cloud, ERP, Project Manager, Security, Technology