Information Technology

Senior Manager, Business Information Security Officer (BISO) (f/m/d)


We help the world run better


Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!




Meet your team


The purpose of Intelligent Enterprise Solutions (IES) – as the internal IT organization and part of the Board Area People & Operations – is to deliver and run the Intelligent Enterprise. IES Security acts as cross-functional unit for all Delivery and Operation units in IES to provide IT Security guidance and services in close alignment with SAP Global Security.


As Senior Manager, Business Information Security Officer (f/m/d) your team will be the central and cross-functional security team in SAPs internal IT department. Your colleagues are distributed in Germany and the US. They cover all areas of cyber security and support the teams with their expertise in Risk Management, Awareness & Training, Identity Management, Incident Response etc. New ideas and views are very much appreciated and expected.



What you’ll do


The BISO leads the security strategy of IES and is the bridge to SAP Global Security (SGS) to better integrating security into all processes. This role is key to ensure cross-functional collaboration and engagement with security experts within (and outside) IES with the goal to protect IES, but also SAP from cyber threats and security incompliance. To reach this, you have to manage multiple cybersecurity topics and lead two teams and several SMEs in all areas of cybersecurity.


The main responsibilities will be:


  • Motivate the own team members, but also other IES teams to be curious and interested in cybersecurity. Lead and empower security experts, acting as security multiplier and be a change agent to ensure that everybody in IES considers security in SAP’s cloud transformation
  • Take over accountability for security processes and tasks, where no owner or specific process is defined yet. Improve the situation (not making it more complex) by supporting other IES units with the security capabilities of your team
  • Align security requirements with IES core business processes and ensure that relevant security aspects are covered while also considering business operation
  • Plan the IES security projects incl. budgets and align them with stakeholders in and outside IES considering new technologies, threats, and chances in the cybersecurity ecosystem
  • Drive the consumption of central security services (e.g., Vulnerability Management) where it is reasonable and provide additional security services (e.g., application-specific security monitoring)
  • Ensure that all functions of the NIST CSF are covered in IES, that external audit requests (ISO, SOX etc.) are adequately handled and that internal audits are coordinated
  • Ensure that roadblocks in security projects (IAM, Security Monitoring, Vulnerability Management, Incident Response etc.) are eliminated
  • Balance the security needs and capabilities from several stakeholders like IES Delivery & Operation units, SGS, Data Protection, Legal etc.



What you bring


  • Bachelor’s / Master’s degree in Cybersecurity, Computer Science, Business Informatics, or related discipline
  • High level of resilience, patience, and motivation for all cybersecurity topics
  • Very good knowledge in core cybersecurity areas (Risk Management, Security Architecture, IAM, Security Detection, Secure Development, Vulnerability Management, Awareness & Training, Incident Response, Recovery). Technical in-depth / hands-on expertise in at least 4 of these areas required
  • Good knowledge in security compliance areas and how to handle audits (ISO, SOX etc.), but also practical experience in executing audit (responses), defining, and fulfilling controls etc.
  • Strong communication skills (focusing C-Level, technical experts, business experts and auditors)
  • At least 10 years’ experience working in IT Security functions, at least 5 years as a people manager
  • Fluent English language skills are a prerequisite.



We build breakthroughs together


SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.


We win with inclusion


SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.

SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team:

For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Requisition ID: 380351  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Management  | Employment Type: Regular Full Time   | Additional Locations: Virtual - Germany #LI-Hybrid


Requisition ID:  380351
Posted Date:  Jan 28, 2024
Work Area:  Information Technology
Career Status:  Management
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%

Walldorf, DE, 69190

Job alert

Job Segment: Cyber Security, Information Security, ERP, Cloud, Security Guard, Security, Technology