Share this Job

Third Party Risk Specialist

Apply now »

Date: Feb 28, 2021

City: Newtown Square, PA, US

Company: SAP



Requisition ID: 268295
Work Area: Administration
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time



SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.




  • Support all Third-Party Risk Management (TPRM) activities to proactively identify, evaluate, and mitigate cyber security and operational risks.
  • Establish strong partnership with SAP stakeholders and support the facilitation and management of the security risk assessment process and monitoring of remediation plans in accordance with the TPRM standard.
  • Track and monitor the status of due diligence reviews and communicate the status with key stakeholders on a regular basis.
  • Participate in the preparation of third-party risk reports to effectively communicate current residual risk status to business stakeholders.
  • Participate in the timely and accurate notification and escalation of actual or potential risks involving third parties.
  • Support the identification and evaluation of complex supply chain and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement.
  • Support the identification and maintenance an on-going list of all critical suppliers while providing status reporting to key stakeholders.
  • Support the continuous assessment of any legal, regulatory, and external certification requirements relating to TPRM.
  • Support the delivery of reporting on all aspects of TPRM performance and effectiveness.
  • Identify opportunities to improve business resiliency through proactive management of TPRM.
  • Work cross-functionally with team members to support and drive a collaborative team environment.
  • Support the collaboration with the global purchasing organization to ensure security requirements are part of the onboarding process and continuously improved based on the ever-changing threat landscape.
  • Support the collaboration with the global legal organization to ensure contractual obligations are met from a security perspective.
  • Stay informed about the latest developments in the TPRM field.
  • Support all internal and external audit activities as they relate to TPRM.
  • Assist in the enhancement and implementation of the TPRM program.
  • Support response/recovery planning and testing with critical suppliers/providers, as necessary, and report on the test results to key stakeholders.


  • University Degree (e.g. Risk Management, Cyber Security, Finance, Supply Chain, or Business Administration)
  • Certifications such as CRISC, CISSP, or CISA are a plus.
  • Risk management experience, preferably within TPRM or cyber security profession.
  • Knowledge of TPRM threat scenarios, security controls, concepts, processes and tools.
  • Knowledge of the National Institute of Standards and Technology (NIST) frameworks and NIST controls applicable to supply chain risk management.
  • Ability to build a network and to collaborate with various teams globally.
  • Excellent communication and presentation skills, both verbal and in writing.
  • Fluent in writing and speaking English


  • At least 3-5 years of experience in Third-Party Risk Management (TPRM) or cyber security analyst roles.
  • Experience supporting strategic projects or initiatives.
  • Experience in presenting to leadership teams summarizing findings to facilitate risk-based decisions.


  • Philadelphia (Newtown Square)
  • Relocation is not available for this position


Success is what you make it. At SAP, we help you make it your own. A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com).

Successful candidates might be required to undergo a background verification with an external vendor.

Additional Locations

Nearest Major Market: Philadelphia

Job Segment: Risk Management, ERP, Law, SAP, Supply, Finance, Technology, Legal, Operations