SAP Labs Pvt Ltd

Product Security Engineer, Expert (BB-1342D)

Found in: Neuvoo Bulk CA

S/4HANA Consumer Industries Cloud & Quote to Cash (CIC & Q2C) is a new business unit at SAP with a focus on Industry Cloud, an emerging market segment where SAP guides its customers towards evolving its industry-centric business models with new processes, tools, and business services. SAP CIC complements SAP's existing solution portfolio as well as helps the entire company keep pace with new market trends in Industry Cloud. The unit holistically targets the strategic industries Consumer Products, Retail, Wholesale, and Life Sciences. SAP software runs critical business processes and manages the most valuable assets and sensitive data of our customers and consumers. Providing secure access to and preserving the integrity, confidentiality and availability, data protection and privacy of these processes and data is key to our success and enforced by all SAP products and services. To comply with all security and DPP related requirements for our cloud-native Order Management Solution, we are looking for a product security expert. In this role, you shall work in close collaboration with several scrum teams as a subject matter expert and be the knowledge multiplier. EXPECTATIONS AND TASKS As a Product Security Engineer Expert, you will ensure consistent security of the products/applications/services you are aligned to (including both on-premise and cloud computing i.e. IaaS, SaaS, PaaS, etc.). Your responsibilities will consist of various technical and administrative activities e.g. planning the security measures during the initial phase, security review and testing during the development phase, or maintaining, monitoring, and incident response support during the utilization phase, etc. Your responsibilities will include - Define and guide security operations for the solution, e.g. threat modeling, planning security measures, security review, security testing, security validation, compliance validation, security maintenance, vulnerability patching, incident response. Integrate security into the continuous integration / continuous delivery and deployment pipeline Support/drive security audits as applicable and review/audit/ensure compliance to secure development lifecycle Plan and drive security testing and validation activities, including data protection and privacy assessments Collaborate with cross-functional teams to mitigate/resolve and ensure that security incidents are handled within defined SLAs and quality standards Ensure communication and escalation of high-risk vulnerabilities to leadership and other stakeholders; develop reports with findings and remediation steps for different audiences/stakeholders Identify needs for security training/learnings; coach /mentor junior security engineers on secure development lifecycle; drive/contribute to the creation and roll-out of relevant materials Review and maintain relevant documentation such as process workflows, and security guidelines Research latest trends and emerging technologies in security and development, and recommend solution upgrades for continuous improvements PREFERRED EXPERIENCE Masters degree in Computer engineering, computer science, or related. 7 years of experience working in cloud security Knowledge of security frameworks, development security operations principles and best practices for microservice architecture, secure programming in Java etc. Security certifications like CISSP, CISM, CCSP, Security , etc. are an asset Project management experience is a plus

calendar_today1 day ago

Similar jobs


work SAP Labs Pvt Ltd

I expressly authorise the Terms and Conditions