SAP SAP Customer Security Audits - Information 

Germany, Baden-Württemberg 

389428993

Position Responsibilities:

• Assist audit fieldwork with external customer auditors using appropriate auditing methods while leveraging existing documentation (ie Standard, procedures, Walkthrough decks, etc.) evidence and/or obtain new documentation to meet customer demands.
• Contribute to customer security audit in collaboration with SAP’s various lines of business.
• Clearly communicate project status and results with senior management, project team, and stakeholders. Develop clear communication channels and direction among cross-functional teams.
• Shares in-depth knowledge and experience with direct team to enable decision-making and provide innovative solutions to complex business issues
• Assist team and the customers to document and mitigate any identified findings and/or potential risks and control weaknesses. Assist with continuous evaluation and upgrading of operational policies, procedures and best customer auditing practices.
• Establish and maintain strong stakeholder relationships.
• Stay up-to-date with industry developments, regulatory changes, and emerging risks to inform audit planning and execution.
• Work with SAP lines of business to implement and remediated recommended solutions for mitigation and improvement.

Job Specific Specialized Knowledge & Skills:

• Preferred relevant professional certifications including CISSP, CISA, CIPP, GIAC, or related information security certifications.
• Exposure to information security and compliance, IT audit, consulting, and risk management.
• Preferred exposure with ISO 27k family, SOC reports, PCI DSS, FedRAMP, or equivalent information security and privacy compliance certifications.
• Exposure to translating compliance requirements into operational and technical control objectives.
• Knowledge and understanding about cloud security compliance and infrastructure.
• Ability to support and facilitate complex programs across business and engineering teams with high collaboration and leadership.

Qualifications & Experience:

• Bachelor's degree or equivalent practical experience.
• 5+ years of experience in program or project management, specific to Risk, Compliance, and Security.
• 3 years of experience in supporting audit engagements.
• Experience with audit compliance, risk assessments, risk management compliance, cloud, project management, and compliance policies.
• Experience with regulatory intake process, performing regulatory compliance analysis and control mapping for the sub-regions under ownership when there are new regulations or changes to existing regulations.
• Fluency in both, English and German (verbal & written)