Senior Risk Specialist (f/m/d): Security Risk Management


July 21, 2021

What we offer
Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!


Within SAP Global Security, the Policy & Risk Management team is seeking a Senior Risk Specialist (f/m/d) to further strengthen their team by taking over the following tasks:
  • Understand applicable regulations, compliance frameworks, and industry leading practices for Risk Management.
  • Work directly with the lines of business to facilitate security risk identification, analysis, applicable security controls for mitigation, and ongoing monitoring to an acceptable level of residual risk.
  • Use mathematical models such as Factor Analysis of Information Risk Model (FAIR) to quantify cyber security risks and help determine optimum investments that will minimize security risk to SAP and its customers.
  • Facilitate risk quantification meetings and working group sessions.
  • Monitor risk mitigation strategy plans to help bring open security risks to closure.
  • Develop and monitor security risk metrics leveraging automation and provide periodic updates to the executive management on security risk and compliance efforts.
  • Support the line of business in documenting the risk mitigation plans, cost justification, and projected risk reduction in terms of impact and financial loss exposure.
  • Develop meaningful reporting to support risk-based decision making by leadership.
  • Ensure all requirements defined by the global risk management policy and supporting standards are met on time and in good quality.
  • Support the ongoing development of security risk management end-to-end processes, the global security policy and supporting standards to ensure all internal and external requirements are defined.


  • 5+ years of related professional experience in risk management or cyber security analyst roles
  • University Degree (e.g. Risk Management, Cyber Security, Finance, or Business Administration) or comparable qualification
  • Certifications such as FAIR, CRISC, CISSP, or CISA are a plus.
  • Experience with risk quantification models such as Factor Analysis of Information Risk (FAIR) or risk quantification platforms such as RiskLens is a preferred.
  • Experience with information security compliance audit frameworks and requirements e.g. NIST, COBIT, CMMI, ISO27001, FISMA, FedRAMP, SOC, SOX, PCI-DSS, GDPR and Data Privacy.
  • Risk management experience preferably within the security profession.
  • Ability to identify potential risks and determine the appropriate controls required to mitigate each risk.
  • Ability to build a network and to collaborate with various teams globally.
  • Very good English language skills – verbal and written. Good German skills are beneficial
  • Prior experience driving strategic projects or initiatives.
  • Experience in presenting to leadership teams summarizing findings to facilitate risk-based decisions.


We are SAP

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.

Our inclusion promise

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Americas: or, APJ:, EMEA:
EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.
Successful candidates might be required to undergo a background verification with an external vendor.
Requisition ID:298344 | Work Area: Corporate Operations | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time or Part Time