Audit & Risk Expert (f/m/d): Delos Cloud
About Delos Cloud
Delos Cloud, a start-up founded by SAP, strives to deliver a sovereign cloud platform for the digital transformation of the German public sector. The platform is an essential component for the implementation of the German Administrative Cloud Strategy (DVS) in compliance with all relevant data protection, IT security, and secrecy requirements of the BSI. Delos Cloud is a trusted partner of the federal, state, and local IT service providers and complements their service portfolio. Therefore, you will find exciting and varied tasks in an innovative and meaningful environment. For more information, please visit: www.deloscloud.de
Your Future Role & Responsibilities:
- Monitor and audit the organization's compliance level towards legal requirements, guidelines / policies or industrial standards based on the internal Multi-Compliance Framework.
- Plan, organize, and perform internal audits as financial, operational, process, or system audits.
- Develop and manage the internal and external audit program and plan.
- Conduct risk assessments and business impact analyses to identify vulnerabilities and develop strategies for risk mitigation.
- Identify and assess potential risks across various areas of the organization, including operational, financial, strategic, and compliance risks.
- Evaluation of risks and related internal controls, and subsidiary audits incl. subcontractors and partners.
- Assess the effectiveness of the internal control systems, covering the integrated Management System landscape, which includes policies and procedures to prevent fraud, errors, and mismanagement.
- Monitor and evaluate the effectiveness of risk mitigation measures and adjust strategies as necessary.
- Identify areas of vulnerability, such as fraud risks or operational inefficiencies, and recommend measures to mitigate those risks.
- Prepare detailed audit reports, document findings, and make recommendations to management for improving processes, controls, and risk management.
- Track the implementation of audit recommendations and assess their effectiveness.
- Stay updated on industry best practices, emerging risks, and regulatory changes to enhance the effectiveness of internal audits.
- Establish IT security audit procedures relevant to Information Security Standards and other regulations, e.g., data privacy laws.
- Collaborate with representatives of federal administration, business partners, and SAP internal units to enforce existing/new compliance requirements and policy exceptions, and to drive internal and external audit processes.
- Develop program performance indicators and metrics pertaining to risk and compliance; report performance to leadership against established metrics.
Profile & Required Skills:
- Excellent understanding of compliance and auditing practices and methodology (e.g. ISAE 3000/ISAE 3402 (SOC 1/SOC, ISO 22301, ISO 9001)
- IT Security laws, management standards (BSI IT-Grundschutz, BSI Standards 200-1, 200-2, 200-3, and 200-4, C5, ISO 27001), regulations, strategies, processes, and services
- In-depth knowledge of risk management principles, methodologies, and best practices.
- Strong analytical and problem-solving skills, with the ability to assess and mitigate risks effectively.
- Highly skilled in risk related activities
- Certifications like CPA, CISA, CISM, CRM, or CRISC are an asset
- Highly skilled in security, audit and compliance related activities.
- Focus on Quality and Results
- Excellent theoretical and practical knowledge of IT Processes as well as of the underlying Policies
- Teamwork and collaboration
- Fluent German and English language skills both written and oral
- 10+ years professional experience in auditing (IT Audit and Governance, Risk, Compliance)
- Experience in security operations and coordination of contracted 3rd party resources
We win with inclusion
Our culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At Delos Cloud, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
Delos Cloud is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with Delos Cloud and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com.
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.
Requisition ID: 401660 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: Walldorf or Berlin | #LI-Hybrid