Solution and Product Management

Product Security Specialist - SAP Ariba

What we offer

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!

 

 

Summary:

Come be a part of the software security team charged with building the world’s largest digital Business marketplace even stronger and resilient against cyber criminals. We’re looking for an Application Security Engineer to guide software development teams in creating world-class secure products that power businesses around the globe.

At SAP Ariba, we connect millions of companies operating in over 190 countries to buy and sell goods and services. Each year, our network facilitates the transaction trillions of dollars, and is a key player in the global supply chain.

 

Role Expectations:

As a Product Security Engineer, you’ll play a key role in guiding application teams to deliver secure software products. Partnering with Developers to review upcoming features and helping developers to answer questions on security best-practices are just a few of the many ways we work to keep our business secure. Additionally, you will...

  • Help Drive our Shift Left Journey: Guide the creation of visibility metrics, and refinement of automated security feedback that our App Teams depend on. Visibility and insights are a key part of our shift-left strategy and enable our app teams to know where their products stand regarding security posture.

  • Lend Software Security Expertise to Dev Teams: Focusing as an aligned Security Subject Matter Expert to a small set of applications, you’ll get to deepen your knowledge of software while guiding teams to maintaining a world-class level of security. You’ll have the backing of a top global company, and a network of talented and passionate engineers and leaders to support your success.

  • Analyze Risk and Recommend Action Plans: Your knowledge of application security and understanding of risk will be key in guiding application teams and product owners to strike the right balance between ease-of-use and security. Teams will often look to you to help identify secure approaches to solving technical challenges.

  • Continuously Learn and Share Our Knowledge: With modern application technology moving at an ever-increasing speed, we’re looking for engineers that are passionate in continuing to develop their expertise in one or two of the many domains we consult on.

  • Key areas for specialization: Threat Modeling, Secure Code Review, Mobile Application Security,  DevSecOps Automation, Developer Education.

 

Role Requirements:

  • Bachelor’s degree in Computer Science, Software Development, Information Security, or similar discipline.

  • 3 to 6 years of relevent experience in Product Security

  • Strong familiarity with two of the following areas: Threat Modeling, SDLC Security, Secure Coding, Web Penetration Testing

  • Knowledge of Cloud and Containerization Technologies a plus

  • Should feel comfortable solving problems and automating common tasks in a programming language.

  • Should be eager to deepen your understanding in Enterprise Software Development, and System Architecture.

  • Should have some experience reviewing software in a modern Object Oriented languages such as Java, C#, or JavaScript.

  • Experience with Mobile Applications is a plus

  • Experience with JavaScript is a plus

  • General understanding of common weaknesses in web technology and protocols.  Before you can break a system, you must understand the system.

  • Be familiar with common web application vulnerabilities such as the OWASP Top 10.

  • Experience conducting manual security analysis of web applications for common vulnerabilities is a plus. (SQLi, XSS, Insecure Deserialization, Broken Access Control, Insecure Direct Object Reference)

  • Basic understanding of web security concepts such as SOP, CORS, and CSP

  • Basic understanding of Authentication & Authorization protocols, as well as Encryption concepts.

  • Should be comfortable leading working sessions around security review and enhancements

  • Should be comfortable presenting to a small group of technical contributors

#LI-Hybrid

#SecurityT2T1

#productsecurity #penetrationtesting #securecoding #informationsecurity

 

 

 

We are SAP

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.

 

Our inclusion promise

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.

 

SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com.

 

EOE AA M/F/Vet/Disability:

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.

Successful candidates might be required to undergo a background verification with an external vendor.

 Requisition ID:322010 | Work Area: Solution and Product Management | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time  | Additional Locations: 

Requisition ID:  322010
Posted Date:  May 2, 2022
Work Area:  Solution and Product Management
Career Status:  Professional
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%
Location: 

Bangalore, IN, 560103

Job alert


Job Segment: SAP, ERP, Computer Science, Supply, Security, Technology, Operations