SAP Cybersecurity Expert

Join us in pioneering breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

Our inspiring and caring environment forms a global community that celebrates diversity and individuality. We encourage you to step beyond your comfort zone, offering resources and flexibility to foster your professional and personal growth, all while valuing your unique contributions.

We are seeking an experienced SAP Cybersecurity Professional to strengthen and advance the security posture of our enterprise SAP landscape. This role operates within the SAP Center of Excellence (CoE) and is responsible for driving system security, compliance, risk management, and secure lifecycle practices across SAP platforms and integrated IT services.

The successful candidate will collaborate with cross-functional teams including system owners, technical administration, quality assurance, audit organizations, and enterprise cybersecurity functions to ensure SAP solutions are secure, compliant, and resilient against evolving threats.

This position combines hands-on cybersecurity expertise with governance leadership, audit coordination, and strategic advisory responsibilities.

Key Responsibilities:

SAP Security Governance & Architecture

• Define and maintain SAP security configurations, hardening standards, and protection concepts aligned with enterprise cybersecurity policies.
• Identify and implement continuous security improvements across SAP applications and services.
• Develop and maintain risk-based SAP security blueprints and technical security standards.

Audit, Compliance & Regulatory Management

• Serve as the SAP CoE representative for system security audits and compliance activities.
• Coordinate internal and external audits, including collaboration with corporate audit teams and external partners.
• Manage remediation activities and ensure timely closure of audit findings.
• Ensure compliance with internal security requirements and applicable regulatory frameworks.

Risk, Vulnerability & Threat Management

• Conduct threat and risk analyses and define mitigation strategies aligned with organizational risk acceptance criteria.
• Execute vulnerability assessments, classification, and protection evaluations.
• Monitor SAP source code security and oversee implementation of SAP security correction programs.
• Drive vulnerability remediation activities in collaboration with SAP operations teams.

Secure Development & Release Assurance

• Review architecture, design, and implementation artifacts to ensure security-by-design principles.
• Support secure release approvals at defined project milestones and quality gates.
• Validate SAP applications through security testing, penetration testing coordination, and security reviews.

Cross-Functional Collaboration

• Partner with SAP System Owners, Basis teams, QA, and development teams to ensure secure system operations.
• Act as a central interface between SAP IT, enterprise cybersecurity organizations, and business stakeholders.
• Provide cybersecurity guidance throughout the SAP solution lifecycle.

Security Operations & Supporting Services

• Support implementation and governance of cybersecurity services such as SIEM integration, malware protection, and monitoring solutions within SAP environments.
• Track and report SAP security KPIs and performance metrics.

Training, Awareness & Documentation

• Develop and deliver SAP security and compliance awareness training programs.
• Maintain SAP security documentation and records within CMDB and related IT management tools.
• Integrate lessons learned into continuous improvement and awareness initiatives.

Third-Party & Supplier Security

• Support evaluation of third-party vendors, cloud providers, and service offerings from a cybersecurity perspective.
• Contribute to security requirements in contracts and supplier governance processes.

Required Qualifications

• Bachelor’s or Master’s degree in Information Security, Computer Science, Information Technology, or related field.
• Proven experience in SAP Security and Cybersecurity within enterprise environments.
• Strong knowledge of SAP authorization concepts, system security, and SAP landscape architecture.
• Experience supporting audits and compliance programs within regulated environments.
• Solid understanding of risk management, vulnerability management, and incident handling processes.
• Familiarity with cybersecurity standards and frameworks such as ISO 27001, NIST, GDPR, or HIPAA.
• Strong stakeholder management and cross-functional collaboration skills.

Preferred Qualifications

• Experience working within an SAP Center of Excellence or large global SAP environment.
• Knowledge of SAP Secure Operations, SAP CERT notes, and ABAP security analysis.
• Experience with SIEM integration and enterprise security monitoring.
• Relevant certifications such as CISSP, CISM, SAP Security certification, or equivalent.

#Hybrid

Who we are: We are a team of more than 72,000 highly dedicated Healthineers in more than 70 countries. As a leader in medical technology, we constantly push the boundaries to create better outcomes and experiences for patients, no matter where they live or what health issues they are facing. Our portfolio is crucial for clinical decision-making and treatment pathways.

How we work: When you join Siemens Healthineers, you become one in a global team of scientists, clinicians, developers, researchers, professionals, and skilled specialists, who believe in each individual’s potential to contribute with diverse ideas. We are from different backgrounds, cultures, religions, political and/or sexual orientations, and work together, to fight the world’s most threatening diseases and enable access to care, united by one purpose: to pioneer breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

To find out more about Siemens Healthineers businesses, please visit our company page here.

The base pay range for this position is:

$151,100 - $207,757

Factors which may affect starting pay within this range may include geography/market, skills, education, experience, and other qualifications of the successful candidate.

If this is a commission eligible position the commission eligibility will be in accordance with the terms of the Company's plan. Commissions are based on individual performance and/or company performance.

The Company offers the following benefits for this position, subject to applicable eligibility requirements: medical insurance, dental insurance, vision insurance, 401(k) retirement plan. life insurance, long-term and short-term disability insurance, paid parking/public transportation, paid time off, paid sick and safe time.

Equal Employment Opportunity Statement: Siemens Healthineers is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability unrelated to ability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, order of protection status, protected veteran or military status, or an unfavorable discharge from military service, and other categories protected by federal, state or local law.

EEO is the Law: Applicants and employees are protected under Federal law from discrimination. To learn more, click here.

Reasonable Accommodations: Siemens Healthineers is committed to equal employment opportunity. As part of this commitment, we will ensure that persons with disabilities are provided reasonable accommodations.

If you require a reasonable accommodation in completing a job application, interviewing, completing any pre-employment testing, or otherwise participating in the employee selection process, please fill out the accommodations form here. If you’re unable to complete the form, you can reach out to our HR People Connect People Contact Center for support at peopleconnectvendorsnam.func@siemens-healthineers.com. Please note HR People Connect People Contact Center will not have visibility of your application or interview status.

California Privacy Notice: California residents have the right to receive additional notices about their personal information. To learn more, click here.

Export Control: “A successful candidate must be able to work with controlled technology in accordance with US export control law.” “It is Siemens Healthineers’ policy to comply fully and completely with all United States export control laws and regulations, including those implemented by the Department of Commerce through the Export Administration Regulations (EAR), by the Department of State through the International Traffic in Arms Regulations (ITAR), and by the Treasury Department through the Office of Foreign Assets Control (OFAC) sanctions regulations.”

Data Privacy: We care about your data privacy and take compliance with GDPR as well as other data protection legislation seriously. For this reason, we ask you not to send us your CV or resume by email. We ask instead that you create a profile in our talent community where you can upload your CV. Setting up a profile lets us know you are interested in career opportunities with us and makes it easy for us to send you an alert when relevant positions become open. Register here to get started.

Beware of Job Scams: Please beware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as Siemens Healthineers recruiters/employees. These scammers may attempt to collect your confidential personal or financial information. If you are concerned that an offer of employment with Siemens Healthineers might be a scam or that the recruiter is not legitimate, please verify by searching for the posting on the Siemens Healthineers career site.

To all recruitment agencies: Siemens Healthineers does not accept agency resumes. Please do not forward resumes to our jobs alias, employees, or any other company location. Siemens Healthineers is not responsible for any fees related to unsolicited resumes.