Senior SAP Information Security & Risk Lead (CISO Domain)
Brussels-Capital
Digital - (Project) Management
Bachelor, Master
Work experience: 5-7
Reference number: 92672

You will join a large enterprise undergoing a multi-year SAP transformation, where legacy on-prem SAP landscapes are gradually being replaced by S/4HANA PCE and multiple SAP SaaS satellite solutions. Information security is a critical pillar of this transformation, driven centrally by the CISO organisation and closely aligned with regulatory obligations such as GDPR and NIS2.

This role strengthens the CISO capability within the ERP organisation, ensuring that security, risk management, compliance, and governance are embedded pragmatically across SAP projects and operations.

Role Description

  • As Senior SAP Information Security & Risk Lead, you translate the central CISO strategy into practical, implementable security solutions within a large SAP transformation program.
  • You act as the primary CISO point of contact for SAP-related initiatives, supporting both transformation projects and existing SAP environments.
  • You maintain and evolve the Information Security Management System (ISMS) for SAP solutions, aligned with international standards and regulatory requirements.
  • You perform and coordinate information risk analyses, define mitigation actions, and ensure consistent follow-up across SAP projects and operations.
  • You support ERP delivery teams by embedding security and risk management processes into SAP-supported business and IT processes.
  • You manage and maintain the SAP-related section of the central information risk register and ensure risks and mitigations are clearly reported to business owners.
  • You define requirements for cybersecurity tools and services within the SAP landscape and validate their implementation with internal teams and external partners.
  • You collaborate with SAP Basis, Identity & Access Management, and CISO CSIRT teams on security operations and incident response.
  • You support IT audits and compliance activities, facilitate audit findings, and follow up on remediation actions in close cooperation with Internal Audit and the DPO.
  • You contribute to security governance, policies, standards, and awareness initiatives across the ERP organisation.
  • You prepare and deliver structured reporting on security risks, compliance, progress, and findings to senior management and steering bodies.

What are we looking for?

  • You have at least 5 years of experience as a CISO officer in a large enterprise environment.
  • You have a minimum of 3 years of hands-on experience in IT Security & Risk Management within an SAP context.
  • You have a minimum of 3 years of experience with IT audits and compliance for SAP solutions.
  • You have a minimum of 3 years of experience implementing and operating CISO security solutions and services in a cloud-based SAP environment.
  • You have led at least 2 full project lifecycles aimed at achieving or maintaining ISO 2700x and GDPR compliance in SAP environments.
  • You have a minimum of 5 years of experience as an SAP Project or Program Manager, including at least 3 years with SAP cloud-based solutions.
  • You are fluent at C1 level in Dutch, French, and English.

Nice to Have

  • Certifications such as PMP, CISSP, CISM, or CISA.
  • Experience with S/4HANA, SAP BTP, and SAP SaaS products from a security and governance perspective.
  • Experience reporting security and risk topics to executive and senior management.

What do we offer?

Location: Anderlecht, Brussels (hybrid)

Contract type: Freelance or Permanent 

Start date: 23 February 2026

End date: 31 December 2026


Beau Ndiaye
HR & Talent Consultant
We are a Great Place to Work
We evaluate our work environment with a survey and audit and have been allowed to call ourselves a Great Place to Work and Best Workplace for five years in a row now.