Loading...
Share this Job
Software-Development Operations

Penetration Security Test Engineer

 

 

Requisition ID: 280095
Work Area: Software-Development Operations
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time

 

COMPANY DESCRIPTION


SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.


Position Title:   Security Test Engineer
P&I | SAP Global Security | Secure Development

Security Validation India


PURPOSE AND OBJECTIVES

A penetration tester is a type of Network/Application security consultant that tries to break into or find possible exploits in different computer systems and software.
They act as Ethical Hackers and generally are expected to run a Vulnerability Assessment / Penetration Testing and create assessment reports about the findings for Higher Management. While they will often be running pre-determined types of tests, they will also be innovating their own tests depending upon the Products and solutions from the SAP portfolio, which requires creativity and imagination.

EXPECTATIONS AND TASKS

As a penetration tester, you would be expected to conduct Vulnerability Analysis and Penetration tests on web-based applications, networks, and other types of computer systems on a regular basis.

You will be expected to work on Cloud Security, Mobile Security, and Security of ERP Products. Along with these tests and assessments, the candidate is expected to perform regular security audits from both Design, Process, and technical/hands-on standpoint.

The candidate is expected to work on the security of databases HANA Appliance Model, software development, and/or company secrets.

The candidate is also expected to acquire Data privacy skillsets to perform the DPP assessments.


EDUCATION AND QUALIFICATIONS/ SKILLS AND COMPETENCIES

Bachelor degree or higher, technical discipline preferred

3+ years of working experience in IT Security,
• Graduate in Computer Science, Software engineering or equivalent
• Experienced in application security testing (source code review and application penetration tests)
• Working knowledge of Security principles, techniques, and technologies
• ISO27034 (Nice to have)
• Good understanding of network protocols, design, and operations
• Strong analytical skills and efficient problem solving
• Understanding of Data Privacy protection and assessment skillsets.
• Good English communication skills (written and oral)
• Quick Learner, passionate, motivated, and self-managed.
Skills:
Application development background and security knowledge – example of languages include C, C#, C++, Java, J2EE
Vulnerability and threat management experience
Experience with various security tools and products (SAST AND DAST Eg-Fortify, Check Marx, WebInspect, App Scan, Burp Suite, etc…)
Proven hands-on experience working with Static and Dynamic Security Scan tools
Experience in Open Source Security code scan
Hands-on experience in conducting application vulnerability assessments for web, mobile, and cloud applications.
Knowledge on security hardening procedures for major cloud platforms like AWS, Azure, GCP, SCP, etc

Good understanding of the components of a secure DLC/SDLC
Vulnerability analysis and Application reversing skills
Understanding of GDPR regulations.

Nice to Have :
CISSP, CISA, CEH, OSCP, or other information security certifications

#SAPSecurityCareersSGS

WHAT YOU GET FROM US

Success is what you make it. At SAP, we help you make it your own. A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com).

Successful candidates might be required to undergo a background verification with an external vendor.

Additional Locations

Penetration Security Test Engineer

Facility:  280095
Posted Date:  Aug 28, 2021
Work Area:  Software-Development Operations
Career Status:  Professional
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%
Location: 

Bangalore, IN, 560066


Job Segment: Engineer, ERP, Developer, Computer Science, Security, Engineering, Technology