SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.
EXPECTATIONS AND TASKS
- Manage the end-to-end lifecycle of Security Policy Framework documents, including policies, standards, and procedures.
- Drive the continuous improvement of the SAP Global Security Policy by soliciting input from internal stakeholders and researching industry leading security practices.
- Perform gap analyses and mappings of information security frameworks, internal controls, and the security requirements contained in existing and proposed security documents.
- Work directly with the lines of business and management to identify security requirements.
- Interpret security requirements into new and existing security documents.
- Organize and facilitate the Security Policy Working Group, a team of stakeholders from across the organization involved in the development of the SAP Global Security Policy.
- Draft and edit content and manage the review and approval of documents by internal and external stakeholders.
- Manage document control processes, including formatting, version control, and historical record.
- Initiate security awareness initiatives and communications.
- Represent the Security Policy Framework topic during audits and other business initiatives.
- Provide subject matter expertise for overall security policy topics at both the business and employee levels.
- Other tasks and responsibilities as assigned by management.
EDUCATION AND QUALIFICATIONS / SKILLS AND COMPETENCIES
- University degree in IT, Risk Management, Cyber Security, Business Administration or related area.
- Professional certifications such as CISA, CRISC, CISSP, or GIAC preferred.
- Strong understanding of leading industry security standards, associated controls, and audit requirements for compliance. Knowledge of NIST Cybersecurity Framework and ISO 27001/27002 preferred.
- Ability to lead discussions with both highly technical and non-technical individuals.
- Ability to build a network and to collaborate with various global teams and managers.
- Excellent verbal and written communication and presentation skills.
- Fluent in writing and speaking English.
- At least 5 years of experience in IT, risk management or cyber security roles.
- Prior experience driving strategical projects or initiatives.
- Previous experience writing and editing policies, procedures, or other technical communications.
- Experience in presenting to leadership teams.
- London, UK.
WHAT YOU GET FROM US
Success is what you make it. At SAP, we help you make it your own.
A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.
ERP Today is FREE to anyone involved with the ERP sector, and always will be. It is direct mailed to end users, vendors, consultancies and independent professionals.