SAP Infrastructure Security Engineer Job in Palo Alto, California
Requisition ID: 124808
Work Area: Information Technology
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time
As market leader in enterprise application software, SAP helps companies of all sizes and industries innovate through simplification. From the back office to the boardroom, warehouse to storefront, on premise to cloud, desktop to mobile device – SAP empowers people and organizations to work together more efficiently and use business insight more effectively to stay ahead of the competition. SAP applications and services enable customers to operate profitably, adapt continuously, and grow sustainably.
Job Location: Palo Alto, CA
Security and Privacy are vital components of SAP Ariba's success as a cloud company. Our customers entrust us with their Sensitive Business Transactional Data and a limited amount of Personally Identifiable Information because of the value that we add by processing that data for them. If you want to be a game changer in building confidence in the cloud for our customers, consider joining our team. We are looking for ambitious people who thrive in a dynamic environment, and are passionate about security and ready for a challenge.
SAP Ariba’s Security, Privacy and Governance (SPG) team is responsible for identifying, assessing and managing threats, vulnerabilities, and associated risks to Ariba’s information assets and resources. This includes providing expertise and partnership at the inception, implementation and operation phases of IT solutions.
The Security Engineer (Infrastructure) will consult with internal groups and development teams to design secure infrastructure and operations solutions. This includes assessing risk and ensuring that internal infrastructure and cloud-based implementations are consistent with security standards through architecture review, risk assessment, threat analysis and required compliance obligations. The candidate is expected to be a seasoned security professional and a team player with a strong drive for results and continual improvement.
The engineer will advise teams of best practices for secure deployments, security architecture, and integration with control frameworks. The engineer will also participate in infrastructure security projects to develop specifications for complex network security protection technologies for data and network systems/applications.
Primary Job Responsibilities:
Ability to understand the risks and security issues associated with infrastructure (such as servers, networks and storage) and able to clearly articulate them to business users and technical personnel.
Ability to build and maintain constructive working relationships with a diverse community of technical and non-technical audiences. Ability to effectively communicate with and influence these audiences as well.
Experience performing information security assessments of new network and infrastructure technology products (e.g. VPN, network storage, Microservices etc).
Deep security experience and knowledge in one or more of the following security domains:
Server security (RedHat Enterprise, Oracle, hardening, anti-malware, logging)
Network security (e.g., network device hardening, firewalls, network segregation, VPNs, network monitoring).
Privileged Access (e.g., password vault/manager, least privilege lockdown of systems, roles-based access control).
Experience with directory security technologies (e.g. Active Directory group policy objects, etc.).
Experience in setting security strategy, architecture and roadmaps to improve security controls in infrastructure and network
Routinely involved in discussions around standards and best practices.
Good understanding of information security and risk management frameworks such as ISO27001.
Strong written, verbal, and inter-personal communication skills.
In order to be successful, the ideal candidate must be, without a doubt, passionate about our customers, partners and technology. Success will depend upon building rapport and credibility with multiple stakeholders across SAP Ariba.
5 years providing network and infrastructure security consulting services to both business and technology audiences in cloud technology and/or consumer organizations.
7 years experience in Security and Risk Management
Advanced knowledge of key information risk management and security related standards including OWASP, ISO 2700x series, PCI-DSS, GLBA, EU Data Security and Privacy Acts, FFIEC guidelines, and NIST standards.The ideal candidate will have the following qualities:
Bachelor’s Degree or equivalent desired.
Industry certifications including relevant SANs, CISSP, CRISC, and/or CISA
Successful track record of working with both business and technical customers to achieve business goals and meet requirements
Knowledgeable in Cloud Security, Application and Web Application Security and the concepts, techniques, tools, methods and practices used to secure them
Strong communication skills and ability to influence others
Excellent planning ability and business acumen
Able to see the “big picture” and contribute to development of technical roadmaps
Must be organized and goal/execution orientedEducationBachelors Degree or Equivalent
SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.
SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com , APJ: Careers.APJ@sap.com , EMEA: C at mailto:Careers@sap.com firstname.lastname@example.org at mailto:email@example.com ). Requests for reasonable accommodation will be considered on a case-by-case basis.
EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.
Additional Locations: No Selection