Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

SAP Information Security Compliance Senior Specialist f/m/d BCM 
Germany, Baden-Württemberg 
943640727

09.09.2024


Delos Cloud, a start-up founded by SAP, strives to deliver a sovereign cloud platform for the digitaltransformation of the German public sector. The platform is an essential component for the implementation ofthe German Administrative Cloud Strategy (DVS) in compliance with all relevant data protection, IT security,and secrecy requirements of the BSI. Delos Cloud is a trusted partner of the federal, state, and local IT serviceproviders and complements their service portfolio. Therefore, you will find exciting and varied tasks in aninnovative and meaningful environment. For more information, please visit: www.deloscloud.de

Your Future Role & Responsibilities

  • Work on the legally compliant implementation of information security requirements to ensure compliance with relevant laws, regulations and industry standards mainly based on ISO 27001 and IT-Grundschutz.
  • Develop, implement, and maintain the Delos Cloud Business Continuity Management strategy based on BSI Standards as part of the integrated Management System.
  • Develop, implement, and regularly test the Delos Cloud business continuity framework and business continuity plans.
  • Develop, maintain and communicate information security policies and standards within the ISMS.
  • Evaluation of solutions, products, components and service providers with regard to technical information security requirements and risks in the life cycle of an IT resource
  • Advise and support our IT and specialist departments in the identification/management of information security risks and incidents and jointly develop tailor-made solutions for dealing with the risks.
  • Stay up-to-date with changes in the different security regulations that may impact the company's operations, incorporate changes in the compliance framework, and communicate these changes to relevant stakeholders.
  • Conduct regular security assessments to identify potential risks and areas for improvement within business units, and ensure proper documentation, monitoring and reporting of risks.
  • Prepare and submit reports to regulatory bodies, senior management, and other stakeholders.
  • Provide training and guidance to employees on information security-related matters

Profile & Required Skills

  • Excellent knowledge of IT Security standards and regulations (BSI IT-Grundschutz, BSI Standard 200-4, C5, ISO 27001, ISO 22301, NIST SP 800-34, ITIL), strategies, processes, and services.
  • Deep understanding of information security aspects of technologies and processes e.g. security operations, vulnerability management, cryptography, network security
  • Profound experience in information security and maintaining policies.
  • You have a high degree of decision-making and assertiveness based on a high level of social competence
  • Certifications like CISA, CISM, GCFA, GCIH, GCIA, GNFA, GREM, GCCC, or Security+ are an asset
  • Highly skilled in audit and compliance related activities.
  • Focus on process development, quality and results
  • Excellent theoretical and practical knowledge of IT Processes as well as of the underlying Policies
  • Teamwork and collaboration
  • Fluent German and English language skills both written and oral

Work experience

  • 5+ years professional experience in information security (Security Management)
  • Experience in security operations or management, and coordination of contracted 3rd party resources