SAP Senior Compliance and Privacy Consultant - SAP Ariba Job in Bangalore, India

Requisition ID: 185225

Work Area: Software-Development Operations

Expected Travel: 0 - 10%

Career Status: Professional

Employment Type: Regular Full Time

COMPANY DESCRIPTION

SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

Job Purpose:

Security and Privacy are vital components of SAP Ariba's success as a cloud company. Our customers entrust us with their Confidential Business Transactional Data and some Personally Identifiable Information because of the value that we add by processing that data for them. SAP Ariba’s Trust Office team is responsible for identifying, assessing and managing threats, vulnerabilities, and associated risks to Ariba’s information assets and resources. This includes providing expertise and operating and maintaining various integrated security technologies to protect the integrity, confidentiality and availability of all information resources throughout a highly distributed cloud environment. Success will depend upon building rapport and credibility with multiple stakeholders across SAP Ariba. As a leader in Cyber Security, this candidate will have opportunities to mentor, support, and contribute to goals and initiatives that ensure the secure usage of technology, industry standards, and best practices. If you want to be a game changer in building confidence in the cloud for our customers, consider joining our team. We are looking for ambitious people who thrive in a dynamic environment, are passionate about security and ready for a challenge.

The Compliance and Privacy analyst is accountable for the development, implementation, and maintenance of the compliance and privacy program across the SAP Ariba products, operations and services, in alignment with the SAP Legal, Compliance and Data Protection and Privacy offices. This will involve establishing process and tools for monitoring program compliance; investigation and tracking of data subject rights; providing support for sales and implementations; and helping ensure SAP Ariba compliance with applicable laws and standards globally including GDPR (EU).

Responsibilities:

  • Partner with Legal, Compliance and DPP offices to monitor and interpret the various data compliance standards, laws, contractual obligations and industry best practices.

  • Develop and enhance the existing program, policies, procedures and guidance to continually improve our compliance.

  • Work closely with Product Management and Engineering on requirements relating to the design and delivery of products and services and ensure compliance. Implementation of data protection by design and by default in SAP Ariba products.

  • Global, company-wide assessment and tracking of all personal data processing activities within Ariba products and services as well as sub-processors and implementation of required changes. Provide a comprehensive worldwide registry for internal processes where personal data could be processed

  • Develop ongoing compliance enablement materials for SAP Ariba employees.

  • Collaborate with international stakeholders in order to develop compliance programs tailored specifically for local countries including China, Russia and Australia.

  • Address all aspects necessary for compliance including auditing and certification based on ISO, SOC 2, BSI, etc.

  • Perform Compliance and Privacy assessments for all product, service and infrastructure components through interviews and questionnaires to analyze personal data processing.

  • Evaluate technical and operational threats to the rights of customer users, review control design and implementation evidence, analyze the effectiveness of safeguards, identify gaps, assess and quantify risks, and, manage issue remediation and risk mitigation plans.

  • Implement processes to cover enhanced data subject rights, re-collect consents and update information notices including privacy statement (right to be forgotten, portability of personal data, withdraw a consent, inform about re-purposing of data, purpose of use of data, where to complain, profiling etc.). Partner with the support team to respond to customer and internal (sales and implementation) queries.

  • Maintain documentation and reporting on SAP Ariba compliance and privacy program.

Requirements

To be successful, the ideal candidate must be passionate about our customers, partners and technology. Success will depend upon building rapport and credibility with multiple stakeholders across SAP Ariba. As a program lead, this candidate will have opportunities to mentor, support, and contribute to goals and initiatives that ensure the secure usage of technology, industry standards, and best practices.

  • 5 years of experience in Compliance and Privacy compliance and risk management.

  • Understanding of technology use, trends and risks in a business context and environment.

  • Demonstrated experience working with regulatory requirements and standards (PCI-DSS, SOC 2, BSI, GDPR etc.) and frameworks (ISO 27000, COBIT, ITIL, NIST, ISF, OWASP, etc.).

  • Deep understanding of international security and privacy laws, standards and best practices.

  • Experience in building and maintaining compliance and privacy programs and controls.

  • Technical writing skills to prepare the required process and policy documentation based on discussions with subject matter experts

  • Must have a strategic mind-set to see the “big picture” and ensure a clear focus on the go forward agenda and the ability to make decisions balancing cost/opportunity and risk.

  • Strong verbal and written communication skills and ability to influence others.

The ideal candidate will also have the following qualifications and skills:

  • Excellent planning ability and business acumen.

  • Impeccable ethics and judgement.

  • Demonstrated ability to learn quickly, prioritize multiple urgent tasks, and deliver results in a fast-paced environment with extremely tight deadlines.

  • Must be organized and goal/execution oriented

Education

  • Bachelor’s Degree in MIS, Computer Science, or other related field.

  • At minimum one of the following industry certifications: CIPP, CIPM and/or CIPT

WHAT YOU GET FROM US

Success is what you make it. At SAP, we help you make it your own.A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now .

SAP'S DIVERSITY COMMITMENT

To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com , APJ: Careers.APJ@sap.com , EMEA: Careers@sap.com ).

Successful candidates might be required to undergo a background verification with an external vendor.

Additional Locations :