SAP Corporate IT Compliance (Senior) Consultant (SOX IT & IT Internal Controls) Job in Walldorf/St. Leon-Rot, Germany

Requisition ID: 187845

Work Area: Corporate Operations

Location: Walldorf/St. Leon-Rot

Expected Travel: 0 - 10%

Career Status: Professional

Employment Type: Regular Full Time


SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.


The mission of the GBO Business Operations Team – as part of the Digital Transformation Office – is to support the Global Business Operations (GBO) Board Area to run efficiently and compliant.

The GBO Business Operations Team is responsible for:

  • Implementing a proper IT Governance model across different units and board areas

  • Ensuring compliance and transparency regarding Data Protection and Privacy, IT Security, SOX and ISO Certification, Works Council Co-Determination and more

  • Defining operational processes supported by the right tools and methods

  • Operationalizing our strategic objectives by providing suitable steering methods and overall transparency, including workforce and budget.

The objectives of the IT SOX Team are mainly to:

  • Achieve SOX compliance for SAP IT

  • Protect confidential and strictly confidential information by implementing mitigating security & control

  • Measures for existing and future technologies

  • Maintain a stable and efficient authorization concept to be able to control access to critical data

Based on legal requirements the IT SOX - Internal Controls (Senior) Specialist supports all related compliance activities to continually improve the effectiveness of the internal control system for SAP IT.

This role will provide effective guidance and oversight for general processes in operations, as well as own key decisions regarding quality thresholds and regulatory compliance. It is also required to ensure that the processes are documented in alignment with the SAP process methodology including embedded controls and uses best practices that were already implemented.


As IT SOX - Internal Controls (Senior) Specialist, you'll be responsible to:

  • Maintain & support the internal control frameworks of SAP IT

  • Monitor & test effectiveness of the defined internal control system

  • Support in reaching Attestations e.g. SOX for SAP SE

  • Proactively collaborate & support internal Projects, M&A activities in regards to compliance requests

  • Support in providing control efficiency for own operated IT SOX processes

  • Actively collaborate with IT units to improve the internal control system matching the derived business requirements

  • Manage & conduct internal IT security and quality management audits and ensure effectiveness of such audits

  • Present and report audit results including the identification, quantification, prioritization of preventive and corrective actions

  • Manage and drive the creation of mitigation plans and follow up on the defined implementation measures

  • Support Authorization Reviews across different applications (e.g. SAP ERP, SAP CRM, S4/HANA, etc.)


Required skills:

  • Bachelor´s or Master degree

  • Good knowledge of common Attestation demands for IT Security& Compliance Management (e.g. SOX, ISO, etc.)

  • Quick adaption of new working areas, audit norms and new technologies

  • Good knowledge of business processes in at least one of the internal used systems like ERP, CRM, BW, HR or S4/HANA

  • Result orientation and execution focus

  • Strong communication skills in English and German

  • Others: General IT knowledge, interest in Project Management

Preferred skills:

  • Experience of common Certification Standards for IT Security, Business Continuity & Quality Management (e.g. ISO 27001, ISO22301, ISO 9001) as well as leading practices for IT processes and controls (e.g. ITIL, COBIT).

  • Experience in auditing practices and methodology. ISO 27001 Lead Auditor certification is an advantage.

  • Skills in HANA database technology (eg. HANA Authorization concept, HANA Audit Policies, …)

  • Technical knowledge and skills in new technologies (e.g. cloud services)


At least 2 years’ experience in IT Compliance or Audit Management, preferably as an Auditor or IT Internal Controls Consultant. Both, Young Talents and experienced Colleagues, are welcome to step in this position. For both levels a way forward can be defined.


Success is what you make it. At SAP, we help you make it your own.

A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now .


To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: or , APJ: , EMEA: ).

Successful candidates might be required to undergo a background verification with an external vendor.

Additional Locations: