Application Security Manager - Reston, United States - SAP

SAP

Verified Company

Reston, United States

2 weeks ago

Posted by:

Mark Lane

beBee recruiter

Description

**We help the world run better
**At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.

Summary:

At SAP, we connect millions of companies operating in over 190 countries to buy and sell goods and services.

Each year, our network facilitates the transaction trillions of dollars, and is a key player in the global supply chain.

Role Expectations:

-
Help Drive our Shift Left Journey: Guide the creation of visibility metrics, and refinement of automated security feedback that our Product Teams depend on. Visibility and insights are a key part of our shift-left strategy and enable our product teams to know where their products stand regarding security posture.
- **Lend Software Security Expertise to Product Teams**:Focusing as a Subject Matter Expert, you'll get to deepen your knowledge of software while guiding teams to maintaining a world-class level of security. You'll have the backing of a top global company, and a network of talented and passionate engineers and leaders to support your success. Collaborate with product development and solution teams proactively to manage software security risk aligned with business goals.
- **Analyze Risk and Recommend Action Plans**: Your understanding of risk will be key in guiding product teams to strike the right balance between ease-of-use and security. Teams will often look to you to help identify secure approaches to solving technical challenges.
- **
Role Requirements:

Background and Experience:
Bachelor's degree in Computer Science, Software Development, Information Security or related discipline with 5+ years professional experience
Strong Background in two of the following: Threat Modeling, SDLC Security, Secure Coding, Web Penetration Testing
Prior experience working in environments with NIST 80053, NIST controls or FedRAMP requirements a plus

- **Software Development Knowledge*

Knowledge of common software design patterns
Experience with modern JavaScript frameworks and libraries (such as Angular, and React) a plus

- **General Security Knowledge*

Experience with securing Kubernetes clusters and containers
Deep understanding of inherent weaknesses in web technology and protocols. Before you can break a system, you must understand the system.
Relevant industry certifications are good to have, such as CISSP, CCSP.
Experience reviewing findings from automated software assessment tools (SAST, DAST, Open-Source Software Scanners)
Strong understanding of web security concepts such as SOP, CORS, and CSP
Strong understanding of Authentication & Authorization protocols. Ability to support in external and internal audits and certifications of products (e.g., ISO 271001, SOC2 Type1/ Type 2, GxP, NIST, PCI DSS etc)
Ability to Drive and ensure the compliance of all delivered projects to Security and Data Protection & Privacy guidelines.

- **Leadership and Communication Skills*

Prior experience managing and motivating a cybersecurity team
Should be comfortable leading working sessions around security review and enhancements.

Who you are.
We're looking for someone who takes initiative, perseveres, and stays curious. You like to partner with technical staff and leaders to drive security forward and are energized by lifelong learning.

Bring out your best

We win with inclusion

SAP's culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone - regardless of background - feels included and can run at their best.

At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential.

We ultimately believe in unleashing all talent and creating a better and more equitable world.

EOE AA M/F/Vet/Disability

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.