SAP Product Security Specialist 
India, Karnataka, Bengaluru 
256327794

02.12.2024

What you'll do

You will be a member of an international team comprising experts in secure-programming techniques, who work closely with developers on vulnerabilities and security incidents reported on SAP applications.

You are expected to:


• Combine your technical expertise with experience in managing complex situations
• Communicate with leading security researchers, customers and SAP’s support organizations on confidential and sensitive disclosures
• Assess the risk of disclosure and work with internal stakeholders to mitigate risk to SAP
• Guide development teams on possible solutions to fix security vulnerabilities and manage security incidents

What you bring

Required skills:


• Bachelor's degree in Technology, Computer Science or Engineering
• Enthusiasm for security and technology, and an understanding of current security trends
• Experience in software development, focusing on security or secure software development practices

• Minimum 5-7 years of experience in security, either as a security practitioner, an application security developer, or a security auditor
• Experience in managing complex security incidents as lead/commander
• Experience in working with developers (e.g. DevOps) or other development-supporting roles
• Experience in executive communication and external/media communication

Preferred skills:


• Pen-testing experience using tools like Qualys, Burp Suite, Metasploit, etc.
• Vulnerability management experience including PoC creation, exploit/attack recreation, triaging, prioritization, fix recommendation and fix validation.
• Thorough understanding of common vulnerability types including OWASP top 10
• Thorough understanding of supply-chain issues in application security
• Awareness of current security-relevant regulations (e.g. DORA, CRA)
• Understanding of CVE, CVSS, CWE
• Understanding of NVD, KEV, and the latest CISA initiatives
• Understanding of Cyber Security Framework
• Understanding of Secure SDLC
• Understanding of common security architectures
• Certifications like CISSP, CSSLP, CCSP, OSCP, CEH, or SANS certifications

Job Segment: ERP, Cloud, Testing, PR, Supply Chain, Technology, Marketing, Operations