WE HELP THE WORLD RUN BETTER

At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.

SUMMARY

The Industries & Customer Experience (I&CX) Trust Office Team is looking for a Product Security Engineer to assist the I&CX Secure Product Development Team in building up clear processes across all I&CX products to strengthen the product security posture, stabilize the secure product development and improve their maturity.

THE ROLE

• Builds up knowledge and keeps it up-to-date in regards of security, the SAP I&CX Products in the area of responsibility and the components, technologies and services used by it/them.
• Provides consulting to developers, knowledge management, quality assurance, operations members in the area of responsibility with their security related questions.
• Translates generic security requirements to guidelines specific to the SAP I&CX Products and is tasked with ensuring that vulnerabilities reported from external sources are fixed on a priority.
• Contributes to extension and improvement of the security knowledge base at SAP I&CX and assures that the security improvements of the SAP CX Products.
• Carries out security assessments, Pentesting results,Threat Modeling, to reveal architectural security issues and assists the team to reach a secure design.
• Responsible for the execution of the secure software development lifecycle and executes security-related operations processes and procedures.
• Contributes to centrally initiated security assessment/testing activities, assists our developers in implementing fixes and tracks handling of incidents, and if actions are taken in time, and resulting in a sufficient level of quality.
• Reviews code scan findings to find patterns, and work out guidelines for resolution and takes immediate countermeasures to address security issues.

ROLE REQUIREMENT

• Information Security experience in a broad technical role and thereof 4 - 7 years of project management experience in large scale, international, strategic projects Product Management and Agile experience.
• Bachelor or master’s degree in computer science, business informatics, natural sciences, engineering or comparable education.
• Good understanding of cloud infrastructure, load balancing, networking and security operations and ability to work in a global operations environment.
• Experience with cloud security concepts, solutions, and automation.
• Experince with Programming Languages like Java,Javascript.
• Experience in working with Hyperscaler - Cloud Security Infrastructure and knowledge of DevOps and incident management tools, e.g. Git, JIRA or equivalents.
  

  SAPSecurityCareers