Share this Job

Security Compliance Senior Specialist for Data Privacy & Protection Certifications Job

Apply now »

Date: May 16, 2019

City: Walldorf/St. Leon-Rot, BW, DE

Company: SAP

Requisition ID: 208470
Work Area: Corporate Operations
Location: Walldorf/St. Leon-Rot
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time

COMPANY DESCRIPTION

SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

PURPOSE AND OBJECTIVES
Your career in one of the most exciting environments at SAP!
Within the SAP Enterprise Security (SES) organization the department “Security Compliance Office” (SCO) is globally responsible for the IT Security Framework of SAP´s Cloud Units (incl. S/4HANA, HEC, SFSF, SCP etc.) as well as for related compliance demands topics. SCO provides strategic cloud security & compliance direction and operational advisory services to enable SAP to be the best-run Enterprise Cloud Company.
SCO will act internally and externally as the trusted partner & advisor for IT security and compliance matters.
The primary objectives of SCO are

  • To protect SAP´s Cloud & IT resources
  • To ensure, secure and stable operations of SAP´s and our customer´s systems in the SAP Cloud.

Based on business requirements the Security Compliance Team is responsible to apply to legal demands/regulations and define internal controls including the corresponding compliance and technical security measures for SAP´s Cloud solutions. This will be done in close alignment with SAP’s Cloud-operating organizations and the SAP Process Office to continuously improve the compliance level for SAP and SAP’s cloud customers globally. Hence active collaboration and support of SAP globally during implementation of compliance improvements is a key task.
In our Security Compliance team, we are looking for a Senior Specialist in Data Privacy and Protection supporting activities connected to Compliance & Certifications in assigned region. These activities will be done in close alignment with SAP’s Cloud Operating units, and Cloud Compliance Office to continuously improve the security, data privacy and compliance level for SAP and SAP’s customers globally. The mission of the Data Protection & Privacy Compliance team is to deliver state of the art Data Privacy controls as well as support in achieving corresponding Compliance Certifications for SAP´s Cloud Solutions.
This individual is expected to have a high level of attention to detail, plus an interest in compliance, data privacy & security management as well as auditing.
EXPECTATIONS AND TASKS

  • Define, plan, justify, and execute projects for Data Privacy & Protection (DPP) Compliance
  • Develop, implement, and maintain DPP related processes, procedures and measures for achieving DPP Certifications in our Cloud Units
  • Lead and work collaboratively with teams of cross-functional projects and stakeholders to achieve DPP project objectives
  • Perform risk assessments, define privacy and security controls, generate documentation, and perform other duties as a DPP Compliance Team Member to maintain our DPP and compliance posture
  • Responsible for implementation and establishment of compliance demands concerning local and European DPP laws (e.g. GDPR, EU Directive, DSGVO)
  • Advisory and Analysis of the LoB specific internal control system (organizational procedures and technical measures) to close identified gaps
  • Audit Management (internal/external/customer audits – planning, execution and finding tracking)
  • Single Point of Contact for Cloud Units concerning DPP Compliance questions as well as consulting/support of LoBs to fulfill legal requirements (e.g. with focus on customer data)
  • Continuous improvement and establishment of monitoring and control mechanism to ensure compliance fulfillments and transparency via internal control effectiveness reporting
  • Perform internal reviews of control mechanism
  • Development and communication of DPP compliance relevant processes and embedded controls with a close collaboration with the Process Office
  • Audit Coordination and Management as well as issue tracking and support for fixing identified issues

EDUCATION AND QUALIFICATIONS / SKILLS AND COMPETENCIES
Required

  • Knowledge of key information risk management, data protection and security related standards including ISO 27018, BS10012, GDPR, EU Data Security and Privacy Acts, and NIST standards
  • Knowledge of common Certification Standards for IT Security, Business Continuity & Quality Management (e.g. SOC 1, SOC 2, C5, ISO 27001, ISO22301, ISO 9001) as well as leading practices for IT processes and controls (e.g. ITIL, COBIT)
  • Good experience in auditing practices and methodology or similar consulting services
  • The ability to communicate complex security & data protection risks to non-technical staff and to system administrators
  • Able to see the Compliance “big picture” and contribute to development of operational control measures
  • Quick adaption of new working areas and audit norms
  • Good Project Management Skills
  • Result orientation and execution focus
  • Proactive behavior and high willingness to learn
  • Demand for a challenging position with the chance to develop your own ideas
  • Ability to assert oneself and conflict management
  • Strong communication skills in German & English and ability to influence others

Preferred

  • Experience of additional Attestation & Certification demands for e.g. PCI Compliance.
  • Show creativity and enjoy in implementing new solutions and demands
  • Self-contained working approach in collaboration with other compliance teams

WORK EXPERIENCE

5+ years’ experience in Data Privacy & Protection Compliance as an Auditor or an IT Internal Controls Consultant. SAP experience will be of advantage. If you are a passionate Professional wanting to take your experience to the next level, this opportunity could be transformational to your career. We want to hear from you!

WHAT YOU GET FROM US

Success is what you make it. At SAP, we help you make it your own.

A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com).

Successful candidates might be required to undergo a background verification with an external vendor.

Additional Locations:


Job Segment: Database, Compliance, ERP, Corporate Security, Technology, Legal, Security