Senior Security Risk Specialist (f/m/d)


September 14, 2021

What we offer
Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!


  • Understand the risk quantification process by supporting asset identification, applying data gathering techniques, demonstrating the ability to define and decompose a risk scenario, and communicating the quantitative risk reports (financial terms).
  • Be the lead and support SAP Lines of business on successful cyber risk quantification. Consider management strategies, improve the decision making and the prioritization of identified risks align with business goals.
  • Oversee quantitative analysis process for security risks, targeted security risks assessments and other security project reviews identified across cybersecurity, enterprise security architecture, business continuity/ disaster recovery, and other security-related IT functions.
  • Collaborate with security risk teams across SAP to deliver quantitative risk assessments.
  • stakeholders to establish formal information security risk practices.
  • Work independently and with internal and external business partners for any third-party assessments on security functions.
  • Demonstrating proven expertise and successfully manage simultaneous project work streams in system security, cybersecurity controls or information security management environment, specifically on NIST domains.

  • Excellent oral, written and interpersonal communication skills in English language with the ability to quickly build rapport.
  • Security certification, e.g., CISSP, - CRISC preferred, or be prepared to attain.
  • Ability to understand and interpret information security, IT, and risk management terminology and topics.
  • Ability to understand threat modelling and analysis, data management, guided workflows and loss reporting assessments based on the FAIR taxonomy.
  • Solid mathematical and/or statistical skills.
  • Ability to demonstrate analytical expertise, close attention to detail, excellent conflict resolution and negotiation skills, logic, and solution orientation and to learn and adapt quickly, thinking out of the box mindset.
  • Proactive, self-managed, and able to interface well with sponsor personnel and inter-disciplinary teams across an organization.
  • 5+ years information security, IT, audit, risk management, quantitative analysis, compliance, or risk consulting related experience required.
  • 5+)years of managing IT initiatives/project management required.
  • Experience using Governance, Risk and Compliance (GRC) tools and Factor Analysis of Information Risk Model (FAIR) preferred.
  • Experience with quantitative risk analysis and/or statistical and mathematical modelling is a plus.
  • Experience with information security compliance audit frameworks and requirements, e.g. NIST, COBIT, CMMI, ISO27001, FISMA, FedRAMP, SOC, SOX, PCI-DSS, GDPR and Data Privacy is a plus.


We are SAP

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.

Our inclusion promise

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Americas: or, APJ:, EMEA:
EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.
Successful candidates might be required to undergo a background verification with an external vendor.
Requisition ID:304432 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time |