Senior SAP Cyber Security Professional

Together, we can beat cancer.

At Varian, a Siemens Healthineers Company, we bring together the world's best talent to realize our vision of a world without fear of cancer. Together, we work passionately to develop and deliver easy-to-use, efficient oncology solutions.

We are part of an incredible community of scientists, clinicians, developers, researchers, professionals, and skilled specialists pushing the boundaries of what’s possible, to improve people’s lives around the world. We embrace a culture of inclusivity in which the power and potential of every individual can be unleashed. We spark ideas that lead to positive impact and continued success.

If you want to be part of this important mission, we want to hear from you. 

• Identify potential security enhancements in SAP solutions and collaborate seamlessly with cross-functional teams, including system owners, technical administration, and QA, to ensure the robust security posture of our SAP solutions.
• Serve as the representative for the SAP Center of Excellence (CoE) unit in system security, audits, and compliance activities. Cultivate strong partnerships with security teams to uphold a secure environment.
• Operate within a team of specialists focusing on System Security, Compliance, and Quality. Efficiently manage, support, and coordinate all activities related to internal and external SAP Systems and Quality audits, including necessary remediation efforts.
• Foster collaboration with SAP System Owners, SHS Audit, external audit partners (e.g., PWC), other CoE SAP departments, and the CoE SAP Executive Team. Resolve issues promptly and achieve audit and compliance conformity while upholding high-quality standards.
• Execute system-specific Measurement plans, conduct Vulnerability classification and protection assessments, and provide comprehensive security awareness training for the CoE SAP team.
• Prepare, design, and create SAP security/ISEC training materials. Maintain SAP Security records in a central CMDB and related IT tools & applications.
• Represent SHS IT SAP CAS on various communication channels, covering all aspects of SAP Security. Monitor and report target achievements, delivering KPIs for Performance Management, including the correct implementation and operation of ISEC requirements through process assessment.
• Act as the interface between SHS IT SAP, SHS ISEC, and Siemens AG CT CYS, communicating and representing all organizational levels. Serve as a single point of contact for any SAP Security escalation.
• Ensure the adequate monitoring of SAP source code (CTM ABAP) and oversee the implementation of SAP CERT MP (CTM CERT), including comprehensive reporting.
• Developed and documented risk-based security concepts, providing support in creating adequate protection concepts.
• Track and address ISEC vulnerabilities and tasks within the ISEC organization, collaborating closely with the SAP operations team.
• Ensure the fulfillment and adherence to internal and external compliance regulations.

Typical Education and Experience:

• Bachelor’s degree or higher in computer science or a related field, coupled with 7-9 years of experience in a system security-related role.

  
  

• Demonstrate 6-9 years of expertise in designing and implementing security controls for SAP landscapes, including S4, GRC, ERP, and SAP SaaS Solutions.

  
  

• Showcase operational proficiency in designing, deploying, and supporting security solutions across On-premise, IaaS, and SaaS environments.

  
  

• Exhibit a solid understanding of IT Service Management, ITIL V3, and IT Quality & Compliance.

  
  

• Display strong knowledge in software security and/or operational security, encompassing threat modeling, code review, vulnerability testing, and secure programming.

  
  

• Familiarity with ISO9001/27001 and knowledge of regulatory requirements for non-product software in a global healthcare products and services business.

  
  

• Awareness of security frameworks, such as the NIST Cybersecurity Framework, and proficiency in risk management methodologies.

  
  

Varian is required to comply with all local and applicable regulations that may be associated with vaccine requirements for certain roles.

Fighting cancer calls for big ideas.

We envision a world without fear of cancer. Achieving this vision takes dedication and commitment from all of us, every single day. That's why we celebrate and value the distinctly beautiful and intersectional identities of each of our employees. We are a mirror of our patient-base, which allows us to innovate. Big ideas come from everywhere, and the best ideas are fostered by our unique individual experiences. At Varian, we encourage you to bring your whole self to work and believe your bold and authentic perspective will help to power more victories over cancer.

#TogetherWeFight

Privacy Statement