SAP Info Security Compliance Senior Specialist f/m/d 

Germany, Baden-Württemberg 

451081391

About Delos Cloud
Delos Cloud, a start-up founded by SAP, strives to deliver a sovereign cloud platform for the digitaltransformation of the German public sector. The platform is an essential component for the implementation ofthe German Administrative Cloud Strategy (DVS) in compliance with all relevant data protection, IT security,and secrecy requirements of the BSI. Delos Cloud is a trusted partner of the federal, state, and local IT serviceproviders and complements their service portfolio. Therefore, you will find exciting and varied tasks in aninnovative and meaningful environment. For more information, please visit: www.deloscloud.de

SAP has founded Delos Cloud to deliver a vendor and solution-neutral sovereign cloud and accelerate the digital transformation of public services in Germany. Catering to the need for digitization in the public sector, the new company will act as a trusted partner providing an open sovereign cloud platform. With Sovereignty and Security at its heart, the cloud infrastructure offering is designed to meet the strict and unique national requirements set out by the German Government’s multi-cloud strategy.

Your Future Role & Responsibilities

• Develop and implement a comprehensive compliance program to ensure adherence to relevant laws, regulations, and industry standards.
• Develop and maintain the Delos Cloud Multi-Compliance Framework and related processes integrating in the overarching Management System landscape and Enterprise GRC strategy.
• Support and provide guidance to Delos Cloud functional units during implementation of the Multi-Compliance Framework.
• Stay up-to-date with changes in laws and regulations that may impact the company's operations, incorporate changes in the compliance framework, and communicate these changes to relevant stakeholders.
• Steer the development and maintenance of the Delos Cloud Policy Framework based on a Multi-Compliance approach with a strong focus on IT-Security aspects.
• Ensure quality of and consistency within the entire policy framework and related documentation, e.g., standards, procedures, and guidelines.
• Collaborate with internal departments to develop and update policies, procedures, and controls to ensure compliance with applicable regulations.
• Prepare and submit reports to regulatory bodies, senior management, and other stakeholders.
• Maintain the Delos Cloud Policy SharePoint and perform framework release management.

Profile & Required Skills

• Excellent understanding of compliance auditing practices and methodology, e.g. ISAE 3000, SOC 1/SOC, ISO22301
• Excellent knowledge of Management Systems pursuing an integrated approach, e.g. ISO 27001 (ISMS), ISO 9001 (QMS), ISO 50001 (ENMS), BSI Standards
• Good understanding of German IT Security laws and regulations (BSI IT-Grundschutz, C5, ISO 27001), strategies, processes, and services.
• Deep experience in writing and maintaining policies based on official regulations
• Focus on process development, quality and results
• Excellent theoretical and practical knowledge of IT Processes as well as of the underlying policies
• Certifications like CISA, CISM, GCFA, GCIH, GCIA, GNFA, GREM, GCCC, or Security+ are an asset
• Teamwork and collaboration
• Fluent German and English language skills both written and oral

Work experience

• 5+ years professional experience in Compliance (IT Audit, Governance, Risk, Compliance, IT Operations), risk management, policy management.
• Experience in (security) operations and coordination of contracted 3rd party resources