Requisition ID: 292966
Work Area: Software-Design and Development
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time

COMPANY DESCRIPTION

SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

Role Location: This role can be 100% remote in the US or Canada

About SAP Ariba: 
Ariba, an SAP Company makes business commerce as easy as consumer commerce. Every day, we help our customer find opportunities to cut costs, reduce risk, and grow revenue through better collaboration with trading partners. We enable the collaboration through the Ariba Network – a cloud-based community where you will find buying, selling, and managing cash to be as easy as using Amazon, eBay, and PayPal. We also host other online communities where business commerce professionals’ network and share information and best practices, just like friends on Facebook. 

Role Summary: 

As a Senior Information Security Engineer at SAP Ariba, you will lead the effort to secure the world’s #1 cloud procurement platform. You and a team of security architects will set the direction and coordinate efforts across the Ariba operations and platform on all security topics. You will also closely coordinate with your peers in the other SAP cloud businesses and the SAP Global Security team to help develop the overall strategy and ensure that Ariba is aligned to it.

Role Expectations and Tasks:

• Direct experience with vulnerability management, anti-virus software, intrusion detection, web application firewalls, network firewalls, device hardening, and content filtering
• Knowledge of risk assessment tools, technologies and methods
• Experience designing secure networks, systems and application architectures
• Knowledge of computer forensic tools, technologies and methods
• Experience planning, researching and developing security policies, standards and procedures
• Professional experience in a linux system administration role supporting multiple platforms and applications
• Ability to communicate network security issues to peers and management
• Ability to read and use the results of malicious code, and anti-virus software
• Support exception and risk management processes, by documenting vulnerability scan and remediation exception requests and risks as needed.
• Assist with remediation of control deficiencies identified during the audit process. 

Role Requirements and Qualifications:

• 5-7 years’ professional experience with 3-5 years involving security, vulnerability management, risk management, compliance, and other applicable skills 
• Experience with IT security and privacy risk assessments and audits of IT general security controls 
• Comprehensive knowledge of APT actors, tools, techniques and procedures
• Knowledge of Mitre and Cyber Kill Chain methods
• Broad vulnerability scanning experience (network, operating systems, applications, database,
• containers)
• In-depth experience in medium to complex computing environments, with advanced 
• Experience working with virtual machines and containers (Docker, Kubernetes)
• Good working knowledge of infrastructure security concepts including firewalls, DMZs, intrusion
• detection/prevention systems, network security, application security concepts, password
• management, RBAC, access provisioning, SIEM and OWASP a plus 
• Experience with the phases of the software development lifecycle 
• Experience with common vulnerability scanning and penetration testing tools 
• Knowledge of common computer security issues, including network and application vulnerabilities 
• Knowledge of Linux and its security a plus 
• Understanding of various cloud environments (GCP, AWS, Azure) security and vulnerability management.
• Post-secondary qualifications involving technical analysis, financial services, problem solving, and
• writing
• Thorough understanding of computer networking, routing, and protocols

Competencies:

• Interpersonal skills and team player to maintain collaborative relationships throughout the company
• and with customers
• Experience in a customer-facing, support, consulting, or sales role
• Attention to detail, especially with written work such as legal contracts and customer-facing
• communications
• Ability to think and work analytically
• Ability to work independently
• Ability to document policies, procedures, and technical diagrams
• Ability to manage a substantial unplanned workload with short deadlines
• Must be capable of working with limited direct supervision

#LI-REMOTE

#SAPSecurityCareersPE

SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.
SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com). Requests for reasonable accommodation will be considered on a case-by-case basis.
EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.
Additional Locations :Virtual - USA