
Security Risk Response Leader


Date: Dec 30, 2020

City: Newtown Square, PA, US, 19073

Company: SAP

Requisition ID: 270332
Work Area: Information Technology
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time


SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economies, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.



SAP is seeking a Security Risk Response Leader who will work with our internal teams and various Lines of Business (LoBs) to formulate, quantify and track risk mitigation plans. Specifically, the candidate will create, maintain, and enhance risk reduction initiatives and drive report output for key security and compliance threat vectors such as infrastructure and compliance risk, third-party suppliers, security incidents, data transfers, vulnerability assessments, system entitlements, etc. In addition to construction and management of the risk mitigation and response lifecycle, this individual will be fundamental in interpreting the data as a subject matter expert adding value to SAP’s overall Integrated Risk Management framework. The candidate will collaborate with key partners across the organization and distill information into management and executive-level reporting. The candidate will have a strong understanding of security and compliance related risks and controls, and effectively collaborate with multiple stakeholders.





  • Leading the administration and regular enhancement of SAP’s risk-based mitigation program and processes designed to help ensure compliance with laws, regulations, internal and external audits (such as SOC1, SOC2, ISO 27001, internal audits, etc.), and detect and prevent potential non-compliance, and any other related SAP requirements
  • Collaborate with internal departments and various LoBs to analyze, communicate and make recommendations with respect to regulatory requirements
  • Driving the process of assessing, monitoring, and mitigating compliance risks across various SAP LoBs by developing, enhancing and executing the risk mitigation and response program to include compliance audits (internal, external, and customer audits), including the performance of mitigated changes, with potential coordination and management of internal and/or external resources as warranted and in collaboration with other assurance functions (e.g., Internal Audit and GR&AS). This will require personal engagement in the conduct of such activities, as well as management of the team’s performance implementation of these activities
  • Leading the phased development and execution of relevant risk mitigation activity and ongoing evolution to aid our ability to assess the effectiveness of SAP’s compliance program elements.


The job further requires the Security Risk Response Leader to maintain strong subject matter expertise through learning, engagement in external programs and conferences, and relevant benchmarking, in order to provide sound advice and guidance to business partners regarding compliance policy, processes and issue management. In developing the team, you will mentor and coach risk response team members and serve in leadership roles related to special projects and initiatives. You will design and deliver meaningful, accurate and effective presentations to senior management and ensure follow-up on any areas that require corrective action, oversee the management and maintenance of various tools and data streams related to risk mitigation and response, and assist in preparation for all external inquiries and audits and/or internal reviews of systems or processes.


You will identify, develop and help implement enhanced mitigation and response controls as warranted, be able to handle all matters as confidential, demonstrate an ability to effectively and continually prioritize, identify new issues requiring attention in a risk-based manner, and help drive resolution within and beyond scope of responsibility. Additionally, this role requires the ability to identify matters that require elevation to senior management on mitigation of risk and improving the effectiveness of the compliance program.





  • Undergraduate degree required, knowledge of NIST and FAIR frameworks preferred.
  • At least 10 years of professional work experience is required. Progressive work experience in System Architecture, Management consulting experience at one of the Big 4 consulting firms in the area of compliance, security, and system architecture is strongly preferred. Compliance risk management and monitoring/auditing experience with a global company and consulting firm with emphasis in auditing is required.
  • Knowledge of compliance laws, rules, regulations, risks and typologies
  • Strong interpersonal skills with the ability to work collaboratively and with people at all levels of the organization
  • Advanced analytical skills
  • Ability to both work independently and collaborate with team members
  • Excellent project management and organizational skills and capability to handle multiple projects at one time
  • Proficient in MS Office applications (Excel, Word, PowerPoint)
  • Relevant certifications desirable (CISA, CRISC, CISSP, CISM)





Success is what you make it. At SAP, we help you make it your own.
A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to the Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com). Requests for reasonable accommodation will be considered on a case-by-case basis. Successful candidates might be required to undergo a background verification with an external vendor.

EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.


Nearest Major Market: Philadelphia

Job Segment: Risk Management, Law, ERP, Consulting, Finance, Security, Legal, Technology