SAP Security DevSecOps

Summary: The SAP Security DevSecOps role requires a seasoned IT security professional with extensive experience in SAP security engineering. The ideal candidate will possess strong technical skills in SAP platforms and DevSecOps principles, along with a proactive approach to balancing security needs with business objectives. This position is remote and classified as outside IR35, emphasizing the importance of adaptability in a fast-paced environment.

Key Responsibilities:

• Implement and manage security measures for SAP platforms, ensuring compliance with industry standards.
• Collaborate with cross-functional teams to align security priorities and influence product roadmaps.
• Conduct audits and ensure SOX compliance within SAP environments.
• Utilize automation tools to enhance security processes and CI/CD pipeline security.
• Provide expertise in SAP security modules, role administration, and SSO implementation.
• Stay updated on evolving security threats and technologies, adapting strategies accordingly.

Key Skills:

• Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
• 5+ years of experience in IT security, with at least 3 years focused on SAP security engineering.
• Proven expertise in SAP platforms, including SAP HANA, BOBJ, BW, GRC, and NetWeaver Gateway.
• Strong understanding of DevSecOps principles, including CI/CD pipeline security and automation tools (e.g., Jenkins, Git, Ansible, or similar).
• Familiarity with the shared responsibility model in cloud environments (AWS, Azure, Google Cloud Platform) and hybrid SAP deployments.
• Familiarity with SAP Cloud ALM (Application Lifecycle Management), clean core a plus.
• Experience with SOX compliance and auditing processes in SAP environments.
• Hands-on knowledge of SAP security modules, role administration, and SSO implementation (e.g., SAML, OAuth, Kerberos).
• Experience with SAP RISE or other SAP cloud transformation initiatives is highly desirable.
• Relevant certifications such as SAP Certified Technology Associate - Security, CISSP, CISM, or DevSecOps-specific credentials are a plus.
• Strong analytical and problem-solving skills with excellent communication and teamwork abilities.
• Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
• Knowledge of container security (Docker, Kubernetes) in SAP environments.
• Familiarity with secure software development lifecycle (SDLC) practices.
• Understanding of identity and access management (IAM) tools integrated with SAP systems.
• Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
• Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT