Audit & Risk Expert (f/m/d): Delos Cloud

About Delos Cloud
Delos Cloud, a start-up founded by SAP, strives to deliver a sovereign cloud platform for the digital transformation of the German public sector. The platform is an essential component for the implementation of the German Administrative Cloud Strategy (DVS) in compliance with all relevant data protection, IT security, and secrecy requirements of the BSI. Delos Cloud is a trusted partner of the federal, state, and local IT service providers and complements their service portfolio. Therefore, you will find exciting and varied tasks in an innovative and meaningful environment. For more information, please visit: www.deloscloud.de

Your Future Role & Responsibilities:

• Monitor and audit the organization's compliance level towards legal requirements, guidelines/policies, or industrial standards based on the internal Multi-Compliance Framework.
• Planning, organization, and performance of internal audits as financial, operational, process, or system audits.
• Develop and manage the internal and external audit program and plan.
• Conduct risk assessments and business impact analyses to identify vulnerabilities and develop strategies for risk mitigation.
• Identify and assess potential risks across various areas of the organization, including operational, financial, strategic, and compliance risks.
• Evaluation of risks and related internal controls, and subsidiary audits incl. subcontractors and partners.
• Assess the effectiveness of the internal control systems, covering the integrated Management System landscape, which includes policies and procedures to prevent fraud, errors, and mismanagement.
• Monitor and evaluate the effectiveness of risk mitigation measures and adjust strategies as necessary.
• Identify areas of vulnerability, such as fraud risks or operational inefficiencies, and recommend measures to mitigate those risks.
• Prepare detailed audit reports, document findings, and make recommendations to management for improving processes, controls, and risk management.
• Track the implementation of audit recommendations and assess their effectiveness.
• Stay updated on industry best practices, emerging risks, and regulatory changes to enhance the effectiveness of internal audits.
• Establish IT security audit procedures relevant to Information Security Standards and other regulations, e.g., data privacy laws.
• Collaborate with representatives of federal administration, business partners, and SAP internal units to enforce existing/new compliance requirements, policy exceptions, and to drive internal and external audit processes.
• Develop program performance indicators and metrics pertaining to risk and compliance; report performance to leadership against established metrics.

Profile & Required Skills:

• Excellent understanding of compliance and auditing practices and methodology (e.g. ISAE 3000/ISAE 3402 (SOC 1/SOC), ISO 22301, ISO 9001).
• IT Security laws, management standards (BSI IT-Grundschutz, BSI Standards 200-1, 200-2, 200-3, and 200-4, C5, ISO 27001), regulations, strategies, processes, and services.
• In-depth knowledge of risk management principles, methodologies, and best practices.
• Strong analytical and problem-solving skills, with the ability to assess and mitigate risks effectively.
• Highly skilled in risk-related activities.
• Certifications like CPA, CISA, CISM, CRM, or CRISC are an asset.
• Focus on Quality and Results.
• Excellent theoretical and practical knowledge of IT Processes as well as of the underlying Policies.
• Teamwork and collaboration.
• Fluent German and English language skills both written and oral.
• EU citizenship.

Work experience:

• 10+ years professional experience in auditing (IT Audit and Governance, Risk, Compliance).
• Experience in security operations and coordination of contracted 3rd party resources.

We win with inclusion

Our culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At Delos Cloud, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
Delos Cloud is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with Delos Cloud and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com.

Requisition ID: 401660 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: Walldorf or Berlin | #LI-Hybrid