SAP Security Compliance Expert 

United States, Virginia 

91136347

In this role you will become a founding member of the Technology and Engineering team. You will be engaging with existing infrastructure and product experts to help build up a globally distributed team of highly motivated individuals responsible for the secure deployment, upgrade and lifecycle management of the Sovereign Cloud non-production security infrastructure.

You will inspire innovation and drive execution of disciplined and standardized security processes and tools addressing mission-critical capability gaps and opportunities for maximized efficiency. You will help identify trade-offs in security deployment plans and any key day-to-day operational decisions impacting infrastructure investments significantly.

You will conduct security assessments of SAP products as part of their adoption into the Sovereign Cloud portfolio. You will work closely together with the SAP product teams as well as Sovereign Cloud engineering to communicate assessment results with the relevant stakeholders and follow-up on remediation activities with the overall goal of pushing security requirements left.

You will help the team to strengthen best practices on automated provisioning of foundational cloud infrastructure and of Sovereign Cloud ready SAP products. You need to ensure the team’s knowledge base is kept consistently up-to-date with native hyperscaler capabilities and modern infrastructure management tools. Starting from this status quo, you will design security concepts for our infrastructure management on the global scale.

WHAT YOU BRING

Due to the classified nature of our work, your willingness is required to subject yourself to a governmental security clearance process and thus have an EU, NATO or FIVE EYES country member nationality or residency. Besides that, you bring:

• Master's degree in business, operations, or engineering or other relevant disciplines
• Ability to manage through ambiguities while being innovative and collaborative
• Strong technology skills and the willingness to learn new topics quickly
• Strong analytical research and problem solving skills
• Ability to think strategically, delivering services to meet stakeholders’ demands on a timely basis
• Utilize quantitative and qualitative skills to analyze data and influence audit response and audit issues management/remediation plans.
• Ability to translate security requirements in a clear manner
• Ability to learn new security frameworks within a short time
• Ability to communicate complex security standards to a variety of stakeholders
• Proven ability to build up and lead successful teams
• Strong methodological and conceptual skills paired with analytical thinking
• Proven ability to produce documentation for processes and procedures
• Proven ability to work and lead in cross-functional teams
• Capability to influence without formal authority
• Strong communication and interpersonal skills
• Strong cultural awareness and intercultural competencies
• Ability to build trusted relationships with key stakeholders
• Decision-making and can-do attitude
• Proven ability to deliver against challenging timelines
• Persistence, self-motivation and willingness to work under pressure
• English (fluent)

WORK EXPERIENCE

• Thorough understanding of security related topics
• 6+ years of related professional experience
• Experienced in the use of cybersecurity frameworks such as NIST, ISO, and ISM
• Detailed knowledge of one or more security standards (e.g., ISO 27002:2022, ITSG-33, NIST SP 800-53, NIST SP 800-171, DOD SRG, C50)
• Exposure to FedRAMP, CCCS, and IRAP assessment methodologies
• Understanding of infrastructure firewalls, load balancers, storage, monitoring, security, IAM etc. and have experience with orchestration to develop a cloud solution

We win with inclusion

Washington DC