Information Security Third Party Risk Specialist SAP SAP Global Security and Cloud Compliance

We help the world run better
At SAP we keep it simple: you bring your best to us and well bring out the best in you. Were builders touching over 20 industries and 80% of global commerce and we need your unique talents to help shape whats next. The work is challenging but it matters. Youll find a place where you can be yourself prioritize your wellbeing and truly belong. Whats in it for you Constant learning skill growth great benefits and a team that wants you to grow and succeed.

YOUR FUTURE ROLE

Our mission of the SAP Global Security and Cloud Compliance (SGSC) organization is to strengthen the security foundation for SAP fitting for a world class enterprise software company. Security and Compliance is a critically necessary requirement for the success at SAPs transformation in the areas of cloud Al and sustainability both internally and externally for SAPs customers. The Role within Information Security Risk Management is part of the Global Security Compliance and Risk unit which encompasses Governance Compliance and Certification as well as Information Security Risk Management.

Information Security Risk Management aims to proactively safeguard our organizations assets reputation and stakeholders byimproving the risk culture for behaviour towards risk taking negative outcomes and policycompliance by enhancing trust and risk mitigation whileprotecting the core values of ourorganization at all times.

This position as Information Security Third Party Risk Specialist offers the unique opportunity to contribute to the Information Security Risk Management Strategy while providing significant value to our business stakeholders. Youll be part of an international diverse team working in a role thats pivotal to our continued security and compliance posture.

What youll do

• Perform Inherent Risk Assessments with the Line of Business Units for the services to be provided by third parties to identify the relevancy of the risk based on security privacy and compliance.
• Perform Information Security Risk Assessments to the third parties that provide relevant services to SAP evaluate responses technical and non-technical evidences and raise potential findings.
• Track timelines of identified findings on a periodic basis to ensure the remediation of controls gaps.
• Communicate efficiently the results of the different risk assessments to the relevant stakeholders: third parties Line of Business Units BISO/risk coordinators.
• Follow-up the status of the risk assessments findings and security agreements and appropriately escalate to the relevant stakeholders when needed.

What you bring

• Professional working experience within Cyber Security Supply Chain Cloud and Application Securityand/or Information Security Risk functions and processes.
• Knowledge in Information Security Cloud and/or AIrelated frameworks (ISO 27001 ISO 27017 ISO 42001 NIST CSF etc.)
• Stakeholder engagement/management:communicate clearly and convincingly with different stakeholders.
• Demonstrate accountability transparency integrity and a team-oriented approach.
• good communication and presentation skills.
• Proven experience working in cyber security risk operations or risk management operations functions.
• Fluent written and spoken English skills.

Bring out your best
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software SAP has evolved to become a market leader in end-to-end business application software and related services for database analytics intelligent technologies and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide we are purpose-driven and future-focused with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries people or platforms we help ensure every challenge gets the solution it deserves. At SAP you can bring out your best.

We win with inclusion
SAPs culture of inclusion focus on health and well-being and flexible working models help ensure that everyone regardless of background feels included and can run at their best. At SAP we believe we are made stronger by the unique capabilities and qualities that each person brings to our company and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better world.

SAP is committed to the values of Equal Employment Opportunity and provides accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application please send an e-mail with your request to Recruiting Operations Team:

For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Qualified applicants will receive consideration for employment without regard to their age race religion national origin ethnicity gender (including pregnancy childbirth et al) sexual orientation gender identity or expression protected veteran status or disability in compliance with applicable federal state and local legal requirements.

Successful candidates might be required to undergo a background verification with an external vendor.

AI Usage in the Recruitment Process

For information on the responsible use of AI in our recruitment process please refer to our Guidelines for Ethical Usage of AI in the Recruiting Process.

Please note that any violation of these guidelines may result in disqualification from the hiring process.

Requisition ID: 451360 Work Area: Information Technology Expected Travel: 0 - 10% Career Status: Professional Employment Type: Regular Full Time Additional Locations: #LI-Hybrid