Description
YOUR FUTURE ROLE SAP GS2 (Government Security) unit is looking for a VS-NfD (restricted) Multicontrolframework Sr. Specialist / Expert (f/m/d) focusing on building a Multicontrolframework for the restricted part of the SAP Cloud Infrastructure in Germany.
ABOUT THE TEAM The SAP Government Security unit is part of the SAP CEO Board Area and ensures strict liability fulfillment of customers’ national security requirements, business enablement in sensitive industries and compliance with Critical Infrastructure and Telecommunications Compliance for SAP world-wide. The position will reside within the GS2 sub team GRIP (Government Resilience & Infrastructure Protection).
Bring out your best
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.
Your Future Role
As an Expert Multicontrolframework , you will play a key role in designing, implementing, and managing a comprehensive multicontrol framework on the classification Level of VS-NfD (restricted) that encompasses IT security, physical security controls, and compliance. You will ensure the highest level of security compliance for our cloud solutions provided to public sector and regulated industries customers, aligning with German data classification standards such as VS-NfD (Classified Information – For Official Use Only) .
Your primary responsibilities will include:
- Setting up and support in managing a multicontrol framework that integrates IT security (technical and compliance) and physical security controls.
- Ensuring full compliance with VS-NfD and relevant standards such as IT baseline protection (IT-Grundschutz), ISO 27001 , and IT Security Products (7164) .
- Collaborating with internal teams and external auditors to prepare and provide comprehensive documentation and presentations that ensure conformity with these standards.
- Support to manage the entire security lifecycle for cloud solutions deployed in public sector and regulated industries, ensuring their alignment with the highest security standards.
- Consulting with customers during presales, helping to identify specific security requirements, developing solutions, and demonstrating how our products meet stringent regulatory needs.
- Be involved in maintaining strong relationships with supervisory authorities and ensuring successful external audits.
- Supporting and guiding cross-functional teams on security compliance strategies, particularly for public sector & regulated industries.
- Staying updated on emerging threats and security trends to continuously improve security frameworks.
- Providing leadership and guidance on cloud security best practices and working closely with technical teams to integrate security within cloud solutions.
You are an experienced and proactive security expert with a strong background in IT and physical security frameworks. Your profile should demonstrate some of the experience below:
- Master’s degree (or equivalent) in a relevant field
- 10+ years of total work experience including IT Security and/or compliance roles
- Experience with IT security frameworks and compliance standards , particularly VS-NfD , ISO 27001 , and IT baseline protection (IT-Grundschutz) .
- Knowledge and hands-on experience with IT security products (7164) and security architectures for cloud solutions.
- Experience and/or knowledge about working in VS-NfD environments , including familiarity with the requirements of authorities and regulated industries .
- Solid understanding of the public sector and regulated industries’ unique security needs, including experience in setting up security controls for cloud solutions.
- Experience working with customers and presales teams , helping to tailor security solutions that meet their regulatory requirements.
- Good communication and presentation skills , with the ability to translate complex security requirements into clear, customer-ready documentation and presentations.
- Demonstrated ability to support or even lead external audits and communicate effectively with supervisory authorities and auditors .
- Cloud knowledge and experience , including the deployment and management of secure cloud environments in regulated industries.
- A high level of self-initiative , coupled with the ability to drive projects independently and within cross-functional teams.
- Track record in analyzing (national) security regulations and translating the requirements into corporate actions.
- Understanding of contractual terms and conditions for identification of required actions to protect government classified information.
- Knowledge about German National Industry Security Manual regulations
- Ability to analyze political situations and interdependencies in Germany.
- End-to-end understanding of government communication
- Fluency in German and English , both written and spoken.
- Willingness to undergo the process for a personal security clearance according to German Security Clearance Act
We help the world run better
At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.
SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com.
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.
Requisition ID: 405790 | Work Area: Sekretariat / Assistenz | Expected Travel: 0 – 10% | Career Status: Berufserfahren | Employment Type: Vollzeit, unbefristet | Additional Locations: #LI-Hybrid