We are searching for technology-minded colleagues who are eager to translate compliance and security requirements into repeatable implementations.SAP cloud products must comply with an ever-increasing number of regulations, industry standards, audits, and certifications. We have to understand the exact requirements, implement them efficiently, and show compliance continuously.
As a Compliance Architect (f/m/d) in the Business Technology Platform Security Risk Management team, you are the translator between such regulations, standards etc., and BTP development and operations teams. With your technology-focused view, you map the compliance requirements to requirements the BTP teams can act upon. Your tasks include to:
- Map and document requirements from regulations, standards etc. to affected BTP services.
- Analyze gaps and propose ways to address them.
- Act as a consultant to BTP product owners on how to build security and compliance-related automation.
- Communicate project status and results to senior management, project team, and stakeholders. Develop clear communication channels and direction among cross-functional teams.
- Establish and maintain strong stakeholder relationships with our development teams and SGSC as SAP’s central compliance and security organization.
- Depending on your skill set and aspirations:
- Take part in the implementation of features for compliance automation.
- Present the compliance status in relevant audits and drive continuous improvement.
What you bring
- A good university degree (bachelor, diploma, master, PhD) in cyber security, computer science, or related fields. Similar qualifications are welcome as well.
- Technical understanding of cloud solutions and their underlying architecture.
- Fluent language skills in English - verbal and written.
- 5+ years of experience in the security or compliance field, e.g., audit compliance, risk assessments, cloud-based solutions, project management, and compliance policies.
Preferred Skills
- Experience translating compliance requirements into operational and technical control objectives.
- Experience with regulations or certifications like CCSL, DORA ENS, GxP, ISMAP, ISO 20000, KSA ECC2018/CCC2020/NCS, or equivalent industry or country-specific regulations.
- Experience with regulatory intake process, performing regulatory compliance analysis, and control mapping for the sub-regions under ownership when there are new regulations or changes to existing regulations.
Job Segment:ERP, Developer, Senior Product Manager, Compliance, Cyber Security, Technology, Operations, Legal, Security