Compliance Architect / Product Security Sr. Engineer/Expert
SAP
Hybrid
Program de lucru normal
3 - 7 ani de experiență
Full Time
Sofia, Bulgaria
Responsabilități
What you`ll do:
SAP cloud products must comply with an ever-increasing number of regulations, industry standards, audits, and certifications. We have to understand the exact requirements, implement them efficiently, and show compliance continuously.
As a Compliance Architect in the Business Technology Platform (BTP) Security Risk Management team, you are the translator between such regulations, standards etc., and BTP development and operations teams. With your technology-focused view, you map the compliance requirements to requirements the Business Technology Platform teams can act upon.
Your tasks include to:
- Map and document requirements from external regulations and standards to affected Business Technology Platform services.
- Analyze gaps and propose ways to address them.
- Act as a consultant to Business Technology Platform product owners on how to build security and compliance-related automation.
- Communicate project status and results to senior management, project team, and stakeholders. Develop clear communication channels and direction among cross-functional teams.
- Establish and maintain strong stakeholder relationships with our development teams and SAP Global Security & Compliance as SAP’s central compliance and security organization.
- Depending on your skill set and aspirations:Take part in the implementation of features for compliance automation.
Present the compliance status in relevant audits and drive continuous improvement.
What you bring:
- A good university degree (bachelor, diploma, master, PhD) in cyber security, computer science, or related fields. Similar qualifications are welcome as well.
- Technical understanding of cloud solutions and their underlying architecture.
- Fluent language skills in English - verbal and written.
- 5+ years of experience in the security or compliance field, e.g., audit compliance, risk assessments, cloud-based solutions, project management, and compliance policies.
Preferred Skills
- Experience translating compliance requirements into operational and technical control objectives.
- Experience with regulations or certifications like CCSL, DORA ENS, GxP, ISMAP, ISO 20000, KSA ECC2018/CCC2020/NCS, or equivalent industry or country-specific regulations.
- Experience with regulatory intake process, performing regulatory compliance analysis, and control mapping for the sub-regions under ownership when there are new regulations or changes to existing regulations.
Meet your team:
The Security Risk Management team consists of individuals specializing in almost every security and compliance domain. We understand the technologies we provide security for and the developers building it. We work in a risk-based manner and strive to team up with our more than 5000 developers in the core of Business Technology Platform to find effective and technically sound solutions.