Requisition ID: 273853
Work Area: Software-Development Operations
Expected Travel: 0 – 10%
Career Status: Professional
Employment Type: Regular Full Time
SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.
We are looking for an execution-oriented Vulnerability Management professional who can navigate complex threat scenarios and remain committed to decreasing the overall attack surface of the company. Enterprise Vulnerability Management remains a top priority within the company, presenting the opportunity to be in a key role, together with the support and empowerment needed to be successful. You will complete each day with a sense of pride and accomplishment, knowing that your contributions have made a positive impact to the security posture of the company.
The role is within our Vulnerability Detection Services area, which is one of three crucial components to the Enterprise Vulnerability Management (EVM) service. Our detection team provides a centralized vulnerability scanning service, spanning throughout the entire company. Vulnerability scanning is vital to the “detect” part of EVM, primarily focusing on vulnerabilities on the infrastructure level. You will also play a key role in reporting & metrics, ultimately measuring how our various business units comply to the standard set for Enterprise Vulnerability Management. In this role you will be responsible for
- Maintaining complex vulnerability scanning architectures, as well as ensuring service reliability and functionality.
- Onboarding business units into the vulnerability scanning service, constantly seeking to improve and mature the process.
- Work very close with both our Vulnerability Advisory Service, and our team of Vulnerability Management professionals, combining to form the company’s EVM capability.
- Engineering graduate (STEM) Disciplines with 6-8+ years professional experience in IT and/or Cybersecurity, preferably with an Enterprise Vulnerability Management Team.
- Superior Knowledge of vulnerability management processes and tools to include scanning patching, hardening, configuration, and risk management
- Superior Knowledge of CVSS vulnerability metrics
- Proficiency with Vulnerability Management Tools (e.g. Tenable.io/Nessus, Qualys, Nexpose)
- Multi-tasking and extreme efficiency in time management and prioritization
- Ensures transparency and continuity in all effort, removing single points of failure
- A professional IT Security certification (e.g. CISSP, CISM, CISA, OSCP) is preferred. The ability to communicate and articulate in a clear and understandable fashion is an advantage. Being able to navigate conflict and perform in stressful situations is a plus. Having the flexibility to work outside of typical office hours is a strong advantage within a global organization. Ability to work efficiently from home office is strongly desired.
About the Team
The Attack Surface Reduction Team is overall responsible for the Enterprise Vulnerability Management capabilities of SAP. The team reports directly into the CISO of SAP, within the Global Cyber Defense & Design organization. The Global Cyber Defense & Design organization is a part of the SAP Global Security Organization within the Office of the CEO.
The SAP Global Cyber Defense & Design Team enables us to develop the necessary digital resilience and appropriate responses to counter threats to our business. The team covers operational tasks in the areas of prevention, detection and elimination of threats within our global security framework. This allows us to develop the necessary resilience and countermeasures to keep pace with rapidly developing and growing external threats. SAP Global Cyber Defense and Design ensures that our customers, products, and services are delivered consistently and with distinction, while maintaining availability, integrity, and confidentiality.
Success is what you make it. At SAP, we help you make it your own. A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now
WHAT YOU GET FROM US
Success is what you make it. At SAP, we help you make it your own. A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.
SAP’S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.
SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: or , APJ: , EMEA: ).
Successful candidates might be required to undergo a background verification with an external vendor.