SAP Software Security Specialist Job in Sofia, Bulgaria

Requisition ID: 126809

Work Area: Software-Design and Development

Expected Travel: 0 - 10%

Career Status: Professional

Employment Type: Regular Full Time


As market leader in enterprise application software, SAP helps companies of all sizes and industries innovate through simplification. From the back office to the boardroom, warehouse to storefront, on premise to cloud, desktop to mobile device – SAP empowers people and organizations to work together more efficiently and use business insight more effectively to stay ahead of the competition. SAP applications and services enable customers to operate profitably, adapt continuously, and grow sustainably.

As you know, SAP’s vision is to help the world run better and improve people’s lives.

As THE cloud company powered by SAP HANA®, SAP is a market leader in enterprise application software, helping companies of all sizes and industries Run Simple.

We empower people and organizations to work together more efficiently and use business insight more effectively. SAP applications and services enable our customers to operate profitably, adapt continuously, and grow sustainably.

Products and Innovations Technology Unit mission is to Innovate and deliver the leading technology platform powered by HANA for SAPs customers, partners and developer ecosystem to build, extend and run their business solutions securely. Be it on-premise with NetWeaver for S/4 HANA or in the Cloud with HANA Cloud Platform and HANA Cloud Integration the technology platform provides a simplified user experience with Fiori and is mobile enabled with HCP mobile services.


Products and Innovations Technology Security Unit is responsible for the end-to-end security, data protection and compliance of SAPs Technology development and operations.

The mission of Technology Security Unit in Sofia, Bulgaria is to define and develop technology to help businesses centrally and securely manage their access and identities in a complex landscapes, including SAP and non-SAP systems in the Cloud and on-premises as well as to ensure security and compliance of of HANA Cloud Platform.

We are looking for a developer with security knowledge or willingness to grow in software security who will be part of a team responsible for vulnerability management, security assessment and monitoring, hardening and security development activities with focus on SAP HANA Cloud Platform.


  • Builds up knowledge and keeps it up-to-date in regards of security, products and services in the area of responsibility (especially their security aspects)

  • Recognizes security deficiencies in the product(s)/component(s)/service(s) in the area of responsibility

  • Contributes to centrally initiated security assessment/testing activities (pentesting)

  • Reviews findings in security messages and proposes a resolution. Supports developers in implementing fixes. Tracks handling of incidents, and if actions are taken in time, and resulting in a sufficient level of quality

  • Is tasked with ensuring that vulnerabilities reported from external sources are fixed on a priority

  • Reviews code scan findings to find patterns, and work out guidelines for resolution

  • Takes immediate countermeasures to address security issues

  • Implements checks to ensure secure operations of service(s) in the area of responsibility

  • Contributes to extension and improvement of the security knowledge base at SAP

  • Supports existing stakeholders and customers in case of security related questions


  • Education in Computer Science or related field

  • Experience with Eclipse development environment

  • Experience in Java and/or C

  • Experience with Unix and Unix shell commands

  • Experience in client-server programming and Cloud environment

  • Knowledge in IT knowledge (Operating systems, networking, databases)

  • Knowledge in software security (authentication mechanisms, cryptography, security breaches…) is an advantage

  • Knowledge in IT security knowledge (system and network security, firewalls, IPS, Proxies) is an advantage

  • Knowledge in DAST/IAST tools and web debugging tools e.g. Burp, Zap, ….) is an advantage

  • Knowledge in products for networking analyses and scanning (e.g. Nmap, Wireshark, ….) is an advantage

  • Decision-making and problem solving skills

  • Excellent collaboration and team and team building skills across different functional roles

  • Passionate about his/her work, self-motivated and results-oriented

  • Good understanding of the agile and lean software development process

  • Very good spoken and written English


  • At least 2 years of experience in software development

  • Experience in development security, security incidents management, information security

  • Experience in dealing with customers, global teams and processes


To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: or , APJ: , EMEA: ). Requests for reasonable accommodation will be considered on a case-by-case basis.

Additional Locations: No Selection