SAP EMEA Compliance and Customer Audit Analyst Job in Budapest, Hungary
Requisition ID: 177398
Work Area: Information Technology
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time
As market leader in enterprise application software, SAP helps companies of all sizes and industries innovate through simplification. From the back office to the boardroom, warehouse to storefront, on premise to cloud, desktop to mobile device – SAP empowers people and organizations to work together more efficiently and use business insight more effectively to stay ahead of the competition. SAP applications and services enable customers to operate profitably, adapt continuously, and grow sustainably.
The HCM Cloud Service Delivery and Operations (SDO) Regional Compliance and Customer Audit Analyst is part of the team overseeing all operational security and compliance activities across 12 Global Data Centers. Role is to ensure customer compliance is attained and to work with customers on customer audits pertaining to adherence to SAP and SuccessFactors Security policy and operational requirements for the SAP HCM Cloud Delivery and platforms. The analyst is responsible to work directly with SuccessFactors’ customers and facilitate and support customer audits of HCM compliance processes and controls. Additionally, analyst ensures the compliance of the platforms, and compliance to regulatory guidelines and standards (SSAE-16 SOC2, ISO 27001, PCI, EUDP/GDPR, etc).
The ideal candidate is capable of supporting a majority of the team responsibilities, has strong customer-facing skill sets, is an effective communicator and negotiator and can work independently with a minimum of supervision.
Work within a global team of Information Security professionals, part of the SuccessFactors Information Security Office, within the Service Delivery and Operations (SDO) organization.
Participate in other HCM Compliance and Audit team responsibilities, management and requirements, audit frameworks (SOC2, ISO27001, DPMS, BSI 10012, EUDP, GDPR, etc), coordination and collaboration with other teams across the enterprise
In close cooperation with the global Information security team, manage Information Security Office team members and subject matter experts including Operations Security, Compliance and Risk Management team members
Key skills and abilities – an ideal candidate possess a strong breadth of information security and IT skills sets:
Plans and prepares for regulatory, compliance or operational reviews/audits, specifically related to SAP SuccessFactors’ customers who have the right-to-audit.
Strong customer advocate with customer-facing skill sets, strong negotiation skills and ability to keep composure under pressue.
Monitors IT systems to ensure they follow policies and practices.
Evaluates technology, identifies controls, and keeps records.
Evangelizes security policies, and mentors IT staff team members to ensure they have an understanding of compliance audit requirements.
Performs audit procedures to verify that controls are operating through testing and interviewing techniques.
Identifies control gaps and opportunities for improvement.
Assesses, evaluates and promotes compliance to internal policies and procedures.
Provides advice on internal control and participates in enhancing internal audit standards and practices within IT Operations.
Researches new or technical subjects when required to support audits
Conducts risk assessments and identifies controls in place to mitigate identified risks.
Meets with outside audit teams from consulting agencies or customer organizations
Acts as a Team Player - Collaborate and supporting colleagues and peers across the organization, while still being able to work independently when needed.
Focuses on the Customer by understanding the business from the customer’s perspective and by keeping in regular contact with customers to understand business priorities and issues.
Committed to Self-Development
In depth understanding of compliance and security concepts, principles and practices related to server systems, OS, software applications, network, cloud and web
Working knowledge and experience in information security technologies such as anti-virus, malware detection, firewalls, VPN, IDS, authentication and SIEM
Knowledge and experience in regulatory guidelines and standards, such as SSAE-16 SOC2, ISO 27001, PCI, FISMA/FedRAMP, etc.
Strong project management skills with the ability to manage multiple projects at once
Strong English written and verbal communication skills, including document writing and executive-level project reporting
Work Experience/Years, Education and Certifications:
Bachelor degree in Information Technology or equivalent
Experience working within a global team, preferred
Minimum 5 years of experience in IT, in particular, information security technologies
Experience in information security certification and auditing is desired
Eager to learn and explore new information security technologies
Professional security certification, such as a Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or other similar credentials, is desired
Project Management Professional (PMP) certification a plus
SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.
SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: firstname.lastname@example.org). Requests for reasonable accommodation will be considered on a case-by-case basis.