What you'll do:
SAP cloud products must comply with an ever-increasing number of regulations, industry standards, audits, and certifications. We have to understand the exact requirements, implement them efficiently, and show compliance continuously.
As a Compliance Architect in the Business Technology Platform (BTP) Security Risk Management team, you are the translator between such regulations and standards and the BTP development and operations teams. With your technology-focused view, you map the compliance requirements to requirements the Business Technology Platform teams can act upon.
Your tasks include:
- Map and document requirements from external regulations and standards to affected Business Technology Platform services.
- Analyze gaps and propose ways to address them.
- Act as a consultant to Business Technology Platform product owners on how to build security and compliance-related automation.
- Communicate project status and results to senior management, project team, and stakeholders. Develop clear communication channels and direction among cross-functional teams.
- Establish and maintain strong stakeholder relationships with our development teams and SAP Global Security & Compliance as SAP’s central compliance and security organization.
- Depending on your skill set and aspirations:
  - Take part in the implementation of features for compliance automation.
  - Present the compliance status in relevant audits and drive continuous improvement.
What you bring:
- A good university degree (bachelor, diploma, master, PhD) in cyber security, computer science, or related fields. Similar qualifications are welcome as well.
- Technical understanding of cloud solutions and their underlying architecture.
- Fluent language skills in English - verbal and written.
- 5+ years of experience in the security or compliance field, e.g., audit compliance, risk assessments, cloud-based solutions, project management, and compliance policies.
Preferred Skills
- Experience translating compliance requirements into operational and technical control objectives.
- Experience with regulations or certifications like CCSL, DORA, ENS, GxP, ISMAP, ISO 20000, KSA ECC2018/CCC2020/NCS, or equivalent industry or country-specific regulations.
- Experience with the regulatory intake process, performing regulatory compliance analysis, and control mapping for the sub-regions under ownership when there are new regulations or changes to existing regulations.
Job Segment: ERP, Cloud, Compliance, Developer, Cyber Security, Technology, Legal, Security