We help the world run better
At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.
Summary
The GCS SRRC Hyperscaler Security Engineering team works on automating and administering Hyperscaler (IBM Cloud, AWS, Azure, GCP and AliCloud) security solutions. We are a geographically dispersed team who provides security configuration compliance scanning across all SAP public cloud environments. Our solutions allow SAP lines of business to increase their security by giving them critical security controls based on SGS policy. We utilize a combination of cloud native security tooling, automation, and processes to identify configuration gaps and provide actionable steps to remediate them.
What you'll do
• Develop and Implement Security Solutions: Design and implement robust security controls and strategies across cloud platforms (AWS, Azure, GCP, or Ali) to protect data and ensure regulatory compliance.
• Automate Security Operations: Develop and manage Security Orchestration, Automation, and Response (SOAR) workflows to automate incident response and improve operational efficiency.
• Integrate and Optimize Security Tools: Integrate CNAPP, CWP, and CSPM platforms with SOAR solutions to streamline security operations and enhance visibility across the cloud environment.
• Build Security Orchestration Platforms: Lead the development of comprehensive security orchestration platforms that automate data collection, threat detection, and incident remediation.
• Create APIs and Data Pipelines: Design and implement APIs and data pipelines to ensure smooth communication between security tools and the orchestration platform, enabling real-time data exchange.
• Threat Detection and Monitoring: Develop advanced real-time monitoring systems to correlate and analyze security data from various sources, proactively identifying and responding to threats.
• Collaborate Across Teams: Work with global teams to gather requirements, align security strategies with business objectives, and ensure seamless integration of security solutions across different environments.
• Conduct Security Assessments: Perform regular security assessments and audits to identify vulnerabilities, evaluate security posture, and implement corrective actions.
• Mentor and Train Team Members: Provide guidance and mentorship to junior security engineers, fostering a culture of continuous learning and security best practices within the organization.
• Stay Updated on Emerging Threats: Continuously research and stay informed about the latest security threats, trends, and technologies to enhance the organization's overall security posture and implement proactive measures.
What you bring
• SecDevOps Expertise: Mastery in at least one area such as Security as Code, CI/CD, Infrastructure as Code, Secure Coding Practices, Security Governance, Orchestration, or modern cloud services.
• Cloud Security: Demonstrated expertise in developing security controls on at least one major public cloud platform (AWS, Azure, GCP, Ali).
• SOAR and Cloud Security Tools:
o Experience in implementing and managing SOAR platforms to automate and improve incident response processes using Cloud Security Tools.
o Knowledge of CNAPP (Cloud-Native Application Protection Platform), CWP (Cloud Workload Protection), and CSPM (Cloud Security Posture Management) platforms to enhance automated security operations and streamline compliance efforts.
o Ability to design automated SOAR workflows that integrate with CNAPP, CWP, and CSPM to collect and analyze security data, identify threats, and automate remediation.
• Security Orchestration Platform Development:
o Proven experience in designing and developing a comprehensive security orchestration platform for cloud environments.
o Ability to create automated workflows that collect and integrate data from various security tools and systems, such as threat intelligence feeds, SIEMs (Security Information and Event Management), and vulnerability management systems.
o Expertise in building robust APIs and data pipelines to ensure seamless communication between different security components.
o Experience in aggregating and normalizing security data to provide a centralized view of security events, vulnerabilities, and compliance status.
o Capability to automate incident response actions and remediation processes using custom scripts or pre-built playbooks.
o Strong understanding of real-time monitoring and the ability to correlate security data from multiple sources for advanced threat detection and analysis.
• Experience:
o 10+ years in a security engineering role working with cloud technologies.
o 10+ years of experience applying Agile and continuous improvement principles.
• Development Skills: Strong programming background in Python, Java, or Go.
• Change Management: Familiarity with coding change management tools such as Jira and Git.
• Global Collaboration: Experience working with global teams across different time zones.
• Problem Solving: Strong analytical, reasoning, and decision-making skills.
• Communication: Excellent written and oral communication skills, with the ability to document and present complex information effectively.
Growth Mindset: Willingness to continuously learn and adapt to new technologies and methodologies
Meet your team
The GCS SRRC Hyperscaler Security Engineering team works on automating and administering Hyperscaler (IBM Cloud, AWS, Azure, GCP and AliCloud) security solutions. We are a geographically dispersed team who provides security configuration compliance scanning across all SAP public cloud environments.
Our team values:
• Collaboration and idea generation
• Data-driven decision making
• Outcomes
• Supports a balance between personal and professional life
#SAPGCIDCareers
Bring out your best
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.
We win with inclusion
SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.
EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.
Successful candidates might be required to undergo a background verification with an external vendor.
Requisition ID: 395127 | Work Area: Software-Development Operations | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid.