SAP
,
Belfast, Antrim
Senior DevOps Engineer - Security Job
Overview
Job Description
Requisition ID: 249181 Work Area: Software-Development Operations Expected Travel: 0 - 10% Career Status: Professional Employment Type: Regular Full Time COMPANY DESCRIPTION SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That's why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures. SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it's the best-run businesses that make the world run better and improve people's lives. PURPOSE AND OBJECTIVE We are Multicloud SecDevOps, the people helping to protect some of SAPs most complex applications and platforms running in public cloud today. Working closely with our peer teams in Multicloud Operations, we deliver, bringing the expertise needed to provide SAP's LoBs with cost-effective and cloud infrastructure, and continuously improving security monitoring and controls. We are transforming the way SAP does security in cloud, using the latest cloud security best practices and developing our own, in order to day-by-day provide a safer environment for our LoBs to operate in We are working to make tomorrow more secure. For our internal customers, and the company's. A successful candidate shall have application/script development background, understanding of the DevOps model and its implementation and understanding of cloud infrastructure and operational methodologies. Knowledge of cloud infrastructure security or prior security roles within development or security operations would also be highly beneficial, especially serverless technologies and runtimes such as Google Cloud Functions and Knative, as that will be the environment you'll be working in. The engineer will function within the team as a DevOps Engineer in developing, deploying and operating cyber security controls into infrastructure-as-code and security-controls-as-code scripts, as well as actively work to protect the Kubernetes environments they run on. Job Description + Contribute Design, implement and manage security controls and automation in a DevOps environment within public clouds across IaaS, PaaS, SaaS and container platforms. + Assist in defining the need and assess relevant security tools to address security challenges within cloud environments and CI/CD pipelines. + Assist the team in security assessments and provide recommendations and consulting on securing cloud infrastructure and in selecting and implementing cloud-native security tools. + Keep abreast of and provide recommendations on emerging security technologies/tools. + Support compliance/certification activities and participate in security audits/reviews. + Document DevOps processes and procedures. + Participate in Agile scrum sprints to create user stories and to assist in developing Sprints and Releases. + Perform other duties as needed. What We're Seeking + A clear passion for security, in particular cloud security - we're on a mission, and looking for security experts who want to make a real material difference in making SAP's cloud security top class + 5 years of increasingly progressive experience (flexible) + Understanding of DevOps, and ideally, DevSecOps principles. + Good knowledge of industry standard tools for the implementation of SecDevOps. + 7 years programming experience in Java, C#, JavaScript, Python, Ruby or equivalent (flexible); Python and/or Ruby desirable + Experience with infrastructure-as-code principles and tools like Terraform or equivalent + Prior experience with Chef InSpec scripting very much preferred - prior Ruby experience here will help too + Solid Understanding of Cloud providers and hands-on experience on one or more of AWS, Azure or GCP. + Understanding of security controls/services in public cloud environments (AWS, Azure or Google Cloud Platform). + Prior Experience in threat detection, (security) monitoring, log management, incident response, and/or digital forensics preferred, either in the cloud or data center environments. Other prior security roles in development functions can be considered as well + Experience in IAM, secrets management, encryption technologies, OS security hardening, SaaS services hardening, and container security. + Experience with Linux administration, shell scripting, and open source security tools. \#SAPSecurityCareersPE \#SOF2020 WHAT YOU GET FROM US Success is what you make it. At SAP, we help you make it your own. A career at SAP can open many doors for you. If you're searching for a compa