Senior Cybersecurity Incident Response (IR) Communications Expert

Job Description

We help the world run better
At SAP, we keep it simple: you bring your best to us, and we'll bring out the best in you. We're builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what's next. The work is challenging – but it matters. You'll find a place where you can be yourself, prioritize your wellbeing, and truly belong. What's in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.

What you’ll build

In this global role, you will be a key member of SAP’s cybersecurity incident response (IR) communications team, responsible for leading and coordinating communications during significant cybersecurity and data privacy incidents and major vulnerability events (“Security Events”). The IR Communications Team acts as the central point of contact for enquiries by customer and customer-facing teams throughout the lifecycle of the Security Event, ensuring that information shared to them is accurate, timely and auditable. You will be involved throughout the lifecycle of the Security Event — from initial investigation through containment, remediation, recovery and after-action reviews.

It is critical that you are able to collaborate and align across multiple internal departments including SAP’s Cyber Legal, Data Protection and Privacy, Security, Product Engineering, Customer Support and other stakeholders to provide precise and effective Security Event communications in a manner that maintains customers’ confidence in SAP’s handling of the Security Event. Your work will help ensure continued trust in SAP during high-pressure security events.

What you’ll do

· Own and manage communications for major Security Events, including crisis-level events.

· Coordinate incident notifications, status updates and escalations in line with established response processes and approved communication templates.

· Serve as the primary communications interface for customer, field and internal stakeholder enquiries related to Security Events.

· Participate in Security Event triage calls and support decision-making with clear, concise communication.

· Ensure all communications are aligned across technical, legal and business stakeholders.

· Maintain a complete, auditable record of incident communications, decisions and approvals.

· Support and lead post-incident reviews, including lessons learned and continuous improvement initiatives.

· Identify opportunities to enhance Security Event communication, notification and escalation processes.

· Operate independently while managing multiple priorities in a fast-paced, global environment.

What you bring

· Solid experience in cybersecurity incident response, incident communications, crisis management, program/project management or related roles in a global technology enterprise environment.

· Demonstrated ability to stay positive and perform effectively under pressure and during fast-paced, high-impact events. Self-starter, motivated, organized, attention to details would be highly valued.

· Excellent written and verbal communication skills, including the ability to translate complex technical information for executive and non-technical audiences and draft in a legally compliant way.

· Strong stakeholder management capabilities and experience handling escalations. Experience in or collaborating with legal, privacy, regulatory and/or compliance teams would be highly valued.

· Solid project management and issue resolution skills, including planning, prioritization and tracking risks and issues through resolution.

· High degree of discretion and professionalism when handling legally sensitive and confidential information, in line with Legal’s guidance.

· Comfortable working in a virtual, globally distributed organization across multiple time zones.

· Knowledge of cybersecurity, data protection, regulatory compliance concepts and workflows. In particular, familiarity with established security and risk management frameworks and regulations such as ISO27001, SOC2, NIST CSF, EU GDPR, EU DORA would be valued.

· Experience working with cloud-based service delivery models.

· Experience with enterprise collaboration or ticketing tools such as Jira, MS Sharepoint, MS Power BI, MS Power Automate, ServiceNow would be a plus.

· Bachelor's degree (or higher degree) in Cybersecurity, Information Security, Law, Communications or related discipline preferred; industry certifications such as CISA, CISSP, CCSP, CISM, IAPP CIPPE would be a plus.

Where you belong

This senior role is integral to our team, and we look forward to welcoming a dedicated professional who will support us in building up the Cybersecurity IR Communications team within CISA. CISA sits within the SGSC Customer Office, which is the broader team that “faces” SAP customers and customer-facing teams. We are a team of highly motivated security and compliance professionals that thrive on delivering positive outcomes for SAP. We are uniquely positioned at the crossroads of multiple domains, including customer communications, contract negotiations and security compliance.

If you are a self-starter keen on making a real difference and have the relevant experience and skills, then this is the position for you!

#LI-SM9

Bring out your best
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.

We win with inclusion
SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better world.

SAP is committed to the values of Equal Employment Opportunity and provides accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com.

For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability, in compliance with applicable federal, state, and local legal requirements.

Successful candidates might be required to undergo a background verification with an external vendor.

AI Usage in the Recruitment Process

For information on the responsible use of AI in our recruitment process, please refer to our Guidelines for Ethical Usage of AI in the Recruiting Process.

Please note that any violation of these guidelines may result in disqualification from the hiring process.

Requisition ID: 451358 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid