
Risk & Compliance Senior Specialist, Global Physical Security


Date: Mar 26, 2021

City: Newtown Square, US, 19073

Company: SAP



Requisition ID: 276038
Work Area: Administration
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time



SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economies, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

The SAP Global Physical Security (GPS) department is looking for a talented, dynamic and progressive Risk and Compliance Sr Specialist. This principal will own the overall management, control, response and execution of Risk & Compliance for SAP Global Physical Security. As a leader, you will be responsible for the reporting, remediation, measurement and control of all reported Risk & Compliance deficiencies in the organization. You will work closely with key stakeholders and with our senior leadership team to support initiatives related to all compliance activities and requirements.


The Role

  • Understand applicable regulations, guidelines and industry best practices, and contribute towards the execution of SAP’s standards set by enterprise governance and SAP Global Security policies and procedures, as applicable to security governance, risk and compliance requirements
  • Act as the subject matter expert within corporate functions for security risk management and related activities, as well as for all security matters
  • Oversee security risks, targeted security risk assessments and other security project reviews as identified across all aspects of SAP Global Security, including cyber security, enterprise security architecture, business continuity and disaster recovery, and security-related IT functions
  • Perform periodic security risk assessments and conduct related ongoing compliance monitoring activities with corporate standards, as well as measure alignment with various frameworks and regulations
  • Review security exceptions for the specific corporate function and reinforce the identification of security risks
  • Use mathematical models such as the Factor Analysis of Information Risk (FAIR) model to determine optimum investments that will minimize security risk to SAP and its customers
  • Conduct security risk assessments in line with corporate functions and advise the corporate leadership on risk reduction proposals with cost justification
  • Monitor and enhance the risk mitigation strategies and plans helping bring open security risks to closure
  • Work independently, as well as with internal and external business partners for any third party assessments on security functions
  • Develop and monitor security risk metrics supported by comprehensive workflow automation and provide periodic updates to the executive management on security risk and compliance efforts
  • Provide leadership, mentoring, and training to security personnel and to other SAP stakeholders in order to establish a formal information security risk appetite for SAP
  • Demonstrate proven expertise and success managing simultaneous project work streams in system security, cyber security controls or information security management environments, specifically on NIST domains

Role Requirements

  • BA/BS in Computer Science, Information Security, Business Administration or related work experience
  • Security certification, e.g. CISSP, CISA - CRISC preferred
  • Ability to demonstrate analytical expertise, close attention to detail, excellent conflict resolution and negotiation skills, logic and solution orientation, and to learn and adapt quickly with an out-of-the-box mindset
  • Ability to learn and operate in a dynamic and agile environment
  • Proven experience working in multi-functional and multi-cultural teams
  • Proactive, self-managed, and able to interface well with sponsor personnel and inter-disciplinary teams across an organization
  • Experience with information security compliance audit frameworks and requirements, e.g. NIST, COBIT, CMMI, ISO27001, FISMA, FedRAMP, SOC, SOX, PCI-DSS, GDPR and Data Privacy


Work Experience

  • Minimum of five (5) years information security, audit, risk management, compliance or risk consulting related experience preferred
  • Minimum of five (5) years of managing IT initiatives / project management required
  • Experience using Governance, Risk and Compliance (GRC) tools and the Factor Analysis of Information Risk (FAIR) model preferred


Location: NYC/Philadelphia/Boston/Pittsburgh/D.C./Miami/Orlando. No relocation available for this role.





Success is what you make it. At SAP, we help you make it your own. A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com).

Successful candidates might be required to undergo a background verification with an external vendor.


Nearest Major Market: Philadelphia

Job Segment: Risk Management, Compliance, Corporate Security, ERP, Finance, Legal, Security, Technology