SAP Hiring For Dev SecOps Associate Details:
About SAP: SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
Official Website: www.sap.com/india
Job Profile: Dev SecOps Associate
Experience Required: 1+ year
Work Location: Bangalore
PURPOSE AND OBJECTIVES
- We are part of the The Tools Team, an autonomous team inside SAP located in the SAP Labs in Silicon Valley (USA), Paris & Nice (France), Bangalore (India), Sofia (Bulgaria), Maidenhead (UK) and in the SAP Headquarters (Germany). As our name says, we create tools. What kind of tools may you ask? Awesome tools to help people in SAP to get their job done in a smarter and faster way. Some of our main topics are: CI/CD, Corporate Compliance, Portfolio & Capacity and Developer Productivity Tools.
- Within TTT, the Security Testing team enables SAP development teams to build secure software by providing a central service for automated source code scans complemented by other test methods, such as dynamic checks, fuzzing, or penetration testing. This automated security analysis of potentially large software products allows to detect and eliminate security flaws at an early stage in the development cycle before the products are shipped to SAP customers.
- The team also provides central education and consulting to develop security awareness in SAP and help development teams make effective use of these tools. Finally, we carry out research projects in white spot areas and develop our own security testing tools for specific configurations that are not well supported by standard static analysis tools (SAST) or dynamic analysis tools (DAST).
- Our strengths rely on an international and multicultural team. The team is made up of highly skilled and passionate individuals who together bring many years of experience from various areas of application security. We are looking for a multidisciplinary and hands-on professional who can support the TTT through its growth.
EXPECTATIONS AND TASKS
The responsibilities and tasks of this position are the following:
- Contribute to the operation and maintenance of security testing tools to ensure very high availability. This comprises, for instance, monitoring of production systems, scale-out of services to meet increasing loads, containerization of existing infrastructure, or migration to a hyperscaler such as Google Cloud Platform
- Perform in-depth troubleshooting and log analysis to identify and solve complex support issues involving multiple software components
- Build software-based solutions to prevent recurrences of incidents and improve service stability and reliability
- Work closely with security experts and develop technical solutions based on given requirements, e.g. solutions for automated Security Testing for specific classes of applications and frameworks
- Learn new technologies and keep up to date with latest development in the area of application security testing like dynamic analysis tools (DAST)
REQUIRED EDUCATION AND QUALIFICATIONS / SKILLS AND COMPETENCIES
- Bachelor’s or master’s degree in computer science, engineering or equivalent education
- Hands-on experience with any of the open source scripting languages like Perl, Python, Shell scripting, etc.
- Knowledge of application security testing and willingness to deepen the knowledge in this area
- Understanding of CI/CD concepts (Jenkins, GitOps)
- Understanding of REST APIs concepts and micro-service architectures
- Strong analytical and problem-solving skills
- Good oral and written communication in English
- 1+ years of professional experience in software development and operations