SAP Software Security Specialist Job in Sofia, Bulgaria
Requisition ID: 126809
Work Area: Software-Design and Development
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time
As market leader in enterprise application software, SAP helps companies of all sizes and industries innovate through simplification. From the back office to the boardroom, warehouse to storefront, on premise to cloud, desktop to mobile device – SAP empowers people and organizations to work together more efficiently and use business insight more effectively to stay ahead of the competition. SAP applications and services enable customers to operate profitably, adapt continuously, and grow sustainably.
As you know, SAP’s vision is to help the world run better and improve people’s lives.
As THE cloud company powered by SAP HANA®, SAP is a market leader in enterprise application software, helping companies of all sizes and industries Run Simple.
We empower people and organizations to work together more efficiently and use business insight more effectively. SAP applications and services enable our customers to operate profitably, adapt continuously, and grow sustainably.
Products and Innovations Technology Unit mission is to Innovate and deliver the leading technology platform powered by HANA for SAPs customers, partners and developer ecosystem to build, extend and run their business solutions securely. Be it on-premise with NetWeaver for S/4 HANA or in the Cloud with HANA Cloud Platform and HANA Cloud Integration the technology platform provides a simplified user experience with Fiori and is mobile enabled with HCP mobile services.
PURPOSE AND OBJECTIVES
Products and Innovations Technology Security Unit is responsible for the end-to-end security, data protection and compliance of SAPs Technology development and operations.
The mission of Technology Security Unit in Sofia, Bulgaria is to define and develop technology to help businesses centrally and securely manage their access and identities in a complex landscapes, including SAP and non-SAP systems in the Cloud and on-premises as well as to ensure security and compliance of of HANA Cloud Platform.
We are looking for a developer with security knowledge or willingness to grow in software security who will be part of a team responsible for vulnerability management, security assessment and monitoring, hardening and security development activities with focus on SAP HANA Cloud Platform.
EXPECTATIONS AND TASKS
Builds up knowledge and keeps it up-to-date in regards of security, products and services in the area of responsibility (especially their security aspects)
Recognizes security deficiencies in the product(s)/component(s)/service(s) in the area of responsibility
Contributes to centrally initiated security assessment/testing activities (pentesting)
Reviews findings in security messages and proposes a resolution. Supports developers in implementing fixes. Tracks handling of incidents, and if actions are taken in time, and resulting in a sufficient level of quality
Is tasked with ensuring that vulnerabilities reported from external sources are fixed on a priority
Reviews code scan findings to find patterns, and work out guidelines for resolution
Takes immediate countermeasures to address security issues
Implements checks to ensure secure operations of service(s) in the area of responsibility
Contributes to extension and improvement of the security knowledge base at SAP
Supports existing stakeholders and customers in case of security related questions
EDUCATION AND QUALIFICATIONS / SKILLS AND COMPETENCIES
Education in Computer Science or related field
Experience with Eclipse development environment
Experience in Java and/or C
Experience with Unix and Unix shell commands
Experience in client-server programming and Cloud environment
Knowledge in IT knowledge (Operating systems, networking, databases)
Knowledge in software security (authentication mechanisms, cryptography, security breaches…) is an advantage
Knowledge in IT security knowledge (system and network security, firewalls, IPS, Proxies) is an advantage
Knowledge in DAST/IAST tools and web debugging tools e.g. Burp, Zap, ….) is an advantage
Knowledge in products for networking analyses and scanning (e.g. Nmap, Wireshark, ….) is an advantage
Decision-making and problem solving skills
Excellent collaboration and team and team building skills across different functional roles
Passionate about his/her work, self-motivated and results-oriented
Good understanding of the agile and lean software development process
Very good spoken and written English
At least 2 years of experience in software development
Experience in development security, security incidents management, information security
Experience in dealing with customers, global teams and processes
SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.
SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com , APJ: Careers.APJ@sap.com , EMEA: Careers@sap.com ). Requests for reasonable accommodation will be considered on a case-by-case basis.
Additional Locations: No Selection