Share this Job

Cloud Security Architect (GCP) Job

Apply now »

Date: Oct 6, 2020

City: Palo Alto, CA, US, 94304

Company: SAP

Requisition ID: 266388
Work Area: Software-Design and Development
Expected Travel: 0 - 10%
Career Status: Management
Employment Type: Regular Full Time



SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

The Role:  

As the Cloud Security Architect at Ariba, you will lead the effort to secure the world’s #1 cloud procurement platform.  You and team of security architects will set the direction and coordinate efforts across the Ariba operations and platform on all security topics.  You will also closely coordinate with your peers in the other SAP cloud businesses and the central security team to help develop the overall strategy and ensure Ariba is aligned.  



  • Provide domain expertise around public cloud and enterprise technology.
  • Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environments (AWS/Azure/GCP)
  • Update security tools for logging/monitoring and growing coverage of existing tools.
  • Make recommendations to management on enhancements to existing and new security software or related tools.
  • Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current tool sets.
  • Help implement and maintain next-generation enterprise protection tools and malware detection technologies.
  • Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration and implementations.
  • Make recommendation on secure integration strategies, global enterprise architectures and application infrastructure based on best practices.
  • Develop security architecture strategies that align to enterprise architecture strategy and that of the business strategy for cloud.
  • Develop in depth security architecture standards, frameworks and design patters spanning all layers of security in the cloud from host, server and network to application and data security.
  • Contributes to the development and implementation of security technology solutions for complex environment and architecture.
  • Analyzes business impact and exposure based on emerging security threats, vulnerabilities and risk and recommends solutions to mitigate them.
  • Perform audits and vulnerability assessments. 
  • Develop, perform, and analyze vulnerability assessments and penetration tests using generally accepted tools, and recommend remediations.   
  • Review and enhance security policies that cover cloud platforms. 
  • Perform IT risk assessments, incident investigations, root cause analyses, and forensics.   
  • Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements. 
  • Evaluate risks that the applicable vulnerabilities pose to the organization and understand the technical implementation details in order to assess and recommend security control improvements or identify mitigating controls.
  • Assist with remediation of control deficiencies identified during the audit process. 
  • Develop incident response process that effectively prioritizes by highest risk. 
  • Develop technical solutions to help mitigate security vulnerabilities. 
  • Perform security engineering for complex, multi-platform systems, datacenters, GCP and multi cloud environments.
  • Participate in the Security Incident Response Team (SIRT) activities, helping SIRT to detect, respond, contain, eradicate and recover from security incidents in a timely manner, within the Cloud Operations and Corporate IT environments. 


Qualifications Requirements:

  • 10+ years professional experience with 3-5 years involving security, risk management, compliance, and privacy of non-public personal data.
  • Experience with IT security and privacy risk assessments and audits of IT general security controls.
  • 3-5 years experience with google cloud architecture and security. 
  • Experience securing, architecting, designing and implementing highly distributed global cloud-based environments, specifically in google cloud.
  • Experience with structured secure enterprise architecture practices, hybrid cloud environments and on-premise to cloud roadmaps.
  • Ability to collaborate across organizational boundaries, build relationships and achieve broader organizational goals.
  • Experience in designing a securing cloud platforms.
  • Experience on Web Services.
  • Knowledge of logging and Aggregation tools. 
  • In-depth experience in medium to complex computing environments. 
  • Experience working with virtual machines and containers (Docker, Kubernetes). 
  • Good working knowledge of infrastructure security concepts including firewalls, DMZs, intrusion detection/prevention systems, network security, application security concepts, password management, RBAC, access provisioning, SIEM and OWASP.  
  • Experience with Splunk ES.
  • Experience with the phases of the software development lifecycle. 
  • Experience with common vulnerability scanning and penetration testing tools. 
  • Knowledge of common computer security issues, including network and application vulnerabilities. 
  • Post-secondary qualifications involving technical analysis, financial services, problem solving, and writing.   
  • Thorough understanding of computer networking, routing, and protocols. 
  • Knowledge of Linux and its security a plus 



  • Interpersonal skills and team player to maintain collaborative relationships throughout the company and with customers.
  • Experience in a customer-facing, support, consulting, or sales role.
  • Attention to detail, especially with written work such as legal contracts and customer-facing communications.
  • Ability to think and work analytically.
  • Ability to work independently.
  • Ability to document policies, procedures, and technical diagrams.
  • Ability to manage a substantial unplanned workload with short deadlines
  • Must be capable of working with limited direct supervision.


About SAP Ariba:

Ariba, an SAP Company makes business commerce as easy as consumer commerce.  Every day, we help our customer find opportunities to cut costs, reduce risk, and grow revenue through better collaboration with trading partners.   We enable the collaboration through the Ariba Network – a cloud-based community where you will find buying, selling, and managing cash to be as easy as using Amazon, eBay, and PayPal.  We also host other online communities where business commerce professionals network and share information and best practices, just like friends on Facebook.




Success is what you make it. At SAP, we help you make it your own.
A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team. (Americas:Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com). Requests for reasonable accommodation will be considered on a case-by-case basis. Successful candidates might be required to undergo a background verification with an external vendor.

EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.

Successful candidates might be required to undergo a background verification with an external vendor.
Additional Locations: Virtual - USA

Nearest Major Market: San Jose
Nearest Secondary Market: Palo Alto

Job Segment: Architecture, Cloud, ERP, Corporate Security, Engineering, Security, Technology