SAP - Principal IT Security Specialist (T4)

SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

PURPOSE AND OBJECTIVES

Within the SAP Global Security (SGS) organization the department Security Architecture & Governance supports secure infrastructure & application operations, as well as secure cloud development, in order to deliver secure cloud services to our customers. Additionally, it supports our internal infrastructure and operations teams to provide their services in a secure and compliant manner. Focus topics are:

  • Global Security Policy, Standards, and Procedures

  • Business Applications Security

  • Infrastructure Security

  • Security Architecture

  • Secure Operational Architecture Requirements

For our Security Account Management Team, we are searching for a Principal IT Security Specialist who will be responsible to ensure that the SAP Security Framework is understood, properly implemented, and effective throughout corporate and productive (cloud) environments alike. The Security Account Management Team works very closely with multiple Lines of Business, ensuring constant transparency into their security posture, with the ultimate goal of ensuring that the delivered products and services provide confidentiality, integrity, and availability of customer data.

EXPECTATIONS, TASKS AND RESPONSIBILITIES

  • Maintain constant and continuous contact with assigned Lines of Business (LoB), ensuring that the SAP Security Policy Framework is understood and adhered to

  • Drive the overall engagement between SAP Global Security (SGS) and assigned LoB(s), ensuring that security strategy, priorities, and objectives are aligned with the LoB

  • Assist and consult with LoB, ensuring that Secure Operational Architectural Requirements are transparent and always improving in maturity

  • Support operational teams by providing review and approval to security concepts, ensuring adherence to the SAP Security Policy framework

  • Plays an integral role in the planning, execution, and follow-up of IT Security Audits / Hacking Simulations, with a central focus of follow-up and/or remediation activities

  • Responsible for the delivery and engagement model of the Secure Operational Architecture Requirements framework, and works closely with various security architects to ensure the technical requirements are adequate and in line with the current threat landscape

  • As a senior member within the team, should be a role model and example for other team members

EDUCATION AND QUALIFICATIONS / SKILLS AND COMPETENCIES

Required

  • University Degree in the field of Computer Science, Cybersecurity, IT Security, Software engineering or equivalent

  • Advanced knowledge in Enterprise Information Security Architecture

  • Superior knowledge of current IT Security Frameworks, to include but not limited to NIST, CSA, ISO

  • Strong innovative and critical thinker, with the drive and commitment to stay up to date on current technology, as well as industry best practices and procedures

  • Self-motivator with the ability to work independently in complex situations

  • Excellent presentation and communication skills

  • Experience in intercultural work environments

  • Potential to be groomed into positions of increased responsibility and accountability (e.g. Team Lead)

  • Fluent written and spoken English and German

  • Strong technical writing skills

Preferred

  • Knowledge in the areas of SAP´s product technology and underlying security concepts is a plus

  • Demand for a challenging position and the desire for self-development

  • Willingness to learn, teach, and excel in a team setting

  • Proactive behavior and high willingness to learn

  • A professional certification e.g. CISSP or CISA is highly preferred.

WORK EXPERIENCE

  • 8-10 years professional experience in IT and/or Cybersecurity, preferably with a focus on Security Architecture & Governance.

  • 5+ years professional experience in positions of increased responsibility at the Senior level

  • Proven ability to manage and maintain complex projects and/or situations

  • Profound ability to work in an intercultural and virtual team environment with consistent success

WHAT YOU GET FROM US

Success is what you make it. At SAP, we help you make it your own.

A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com).

Successful candidates might be required to undergo a background verification with an external vendor.