Share this Job
Information Technology

Senior Security Risk Analyst

What we offer

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!




About the Role:

SAP HCM Cloud is looking for a Security Risk Analyst experience to help with security initiatives and security risk assessments. The analyst will be part of the Security Governance team under the CISO office and work closely with the software engineering teams as well as Compliance, Platform and Operation teams.



  • Responsible for maintaining general documents and descriptions
  • Engagement with regular risk assessments for business areas
  • Work with operational risk assessment experts to create an overall risk picture
  • Spearhead governance initiatives across a wide variety of security topics
  • Execution of business continuity planning initiatives
  • Implementation of recommendations, processes, activities, standards in his or her area
  • Ensures continuous Improvement, documents lessons learned, takes corrective and preventive action
  • Defines Management Policy in consideration with related subject areas
  • Coordinates security topics for internal customers
  • Provides security reporting & KPI’s on an organizational level
  • Roll up operational level data into organizational level risk information
  • Ensures appropriate documentation Reports
  • Security incident handling and coordination of related activities
  • Responsibility for assuring quality and effectiveness of security measures in his or her area
  • Assurance that security regulations are observed at all times
  • Implementation of security standards and strategies in his or her area
  • Provision of reports about the implementation of security recommendations and standards
  • Analysis and reporting in the event of security incidents and alerts
  • Collaboration with other SAP security teams
  • Contribute to the implementation and continuous improvement of security GRC processes
  • Contribute to the strategy and execution of the overall security governance and risk management program
  • Cultivate relationships with security, engineering, legal, internal audit, and business stakeholders to strengthen security governance and risk management



  • Knowledge of security laws, strategies, processes, standards, and services
  • Experience with qualitative and quantitative risk frameworks and assessment techniques
  • Analytics Capabilities
  • Conflict Management
  • Executive Communication
  • IT Security
  • Negotiation Skills
  • Presentation Skills
  • Business Process Analysis
  • Relationship & Trust Building
  • IT - Risk Management



  • Analytics Capabilities
  • Conflict Management
  • Executives Communication
  • IT Continuity Management
  • Governance, Risk and Compliance
  • IT Security
  • Application Security
  • Threat Modeling
  • Negotiation Skills
  • Presentation Skills
  • Business Process Analysis
  • Relationship & Trust Building
  • IT - Risk Management
  • B.S. degree or equivalent work experience in security, risk management, compliance, information systems or other relevant fields
  • 4+ years of combined risk management, risk consulting, and /or security work experience
  • Knowledge of qualitative and quantitative risk management approaches and processes, including proven implementation experience
  • Knowledge of security practices and controls applied to address security risks
  • Knowledge of and experience applying security, risk and control frameworks such as NIST, COBIT, and ISO
  • Experience with GRC products (e.g., RSA-Archer, Metric Stream, ServiceNow GRC etc.)




We are SAP

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.


Our inclusion promise

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.


SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com.


EOE AA M/F/Vet/Disability:

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.

Successful candidates might be required to undergo a background verification with an external vendor.

 Requisition ID:306081 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time  | Additional Locations: Virtual - USA

Senior Security Risk Analyst

Facility:  306081
Posted Date:  Oct 14, 2021
Work Area:  Information Technology
Career Status:  Professional
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%

Reston, VA, US, 20191

Nearest Major Market: Washington DC

Job Segment: Risk Management, Engineer, ERP, Consulting, Finance, Security, Engineering, Technology