Senior Cybersecurity Incident Response (IR) Communications Specialist Job Details | SAP

Job Description

Company: SAP

Location: IN

Information TechnologySenior Cybersecurity Incident Response (IR) Communications SpecialistWe help the world run better At SAP, we keep it simple: you bring your best to us, and we’ll bring out the best in you. We’re builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what’s next. The work is challenging – but it matters.

You’ll find a place where you can be yourself, prioritize your wellbeing, and truly belong. What’s in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.

What you’ll build In this role, you will be a key member of SAP’s cybersecurity incident response (IR) communications team, responsible for leading and coordinating communications during significant cybersecurity and data privacy incidents and major vulnerability events (“Security Events”).

The IR Communications Team acts as the central point of contact for enquiries by customer and customer-facing teams throughout the lifecycle of the Security Event, ensuring that information shared to them is accurate, timely and auditable.

You will be involved throughout the lifecycle of the Security Event – from initial investigation through containment, remediation, recovery and afteraction reviews.

It is critical that you are able to collaborate and align across multiple internal departments including SAP’s Cyber Legal, Data Protection and Privacy, Security, Product Engineering, Customer Support and other stakeholders to provide precise and effective Security Event communications in a manner that maintains customers’ confidence in SAP’s handling of the Security Event.

Your work will help ensure continued trust in SAP during high-pressure security events.

• Own and manage communications for major Security Events, including crisis-level events.
• Coordinate incident notifications, status updates and escalations in line with established response processes and approved communication templates.
• Serve as the primary communications interface for customer, field and internal stakeholder enquiries related to Security Events.
• Participate in Security Event triage calls and support decision-making with clear, concise communication.
• Ensure all communications are aligned across technical, legal and business stakeholders.
• Maintain a complete, auditable record of incident communications, decisions and approvals.
• Support and lead post-incident reviews, including lessons learned and continuous improvement initiatives.
• Identify opportunities to enhance Security Event communication, notification and escalation processes.
• Operate independently while managing multiple priorities in a fast-paced, global environment.
What you bring • Solid experience in cybersecurity incident response, incident communications, crisis management, program/project management or related roles in a global technology enterprise environment.
• Demonstrated ability to stay positive and perform effectively under pressure and during fast-paced, high-impact events. Self-starter, motivated, organized, attention to details would be highly valued.
• Excellent written and verbal communication skills, including the ability to translate complex technical information for executive and non-technical audiences and draft in a legally compliant way.
• Strong stakeholder management capabilities and experience handling escalations. Experience in or collaborating with legal, privacy, regulatory and/or compliance teams would be highly valued.
• Solid project management and issue resolution skills, including planning, prioritization and tracking risks and issues through resolution.
• High degree of discretion and professionalism when handling legally sensitive and confidential information, in line with Legal’s guidance.
• Comfortable working in a virtual, globally distributed organization across multiple time zones.
• Knowledge of cybersecurity, data protection, regulatory compliance concepts and workflows. In particular, familiarity with established security and risk management frameworks and regulations such as ISO27001, SOC2, NIST CSF, EU GDPR, EU DORA would be valued.
• Experience working with cloud-based service delivery models.
• Experience with enterprise collaboration or ticketing tools such as Jira, MS Sharepoint, MS Power BI, MS Power Automate, ServiceNow would be a plus.
• Bachelor’s degree (or higher degree) in Cybersecurity, Information Security, Law, Communications or related discipline preferred; industry certifications such as CISA, CISSP, CCSP, CISM, IAPP CIPPE would be a plus.
Where you belong This senior role is integral to our team, and we look forward to welcoming

Source: BeBee