$80K — $100K *
Application Security Engineer
About this position
This position is part of SAP’s larger global Security structure, an organization that drives the latest best practices around Cyber Threat Intelligence, Incident Response, Crisis Management, Digital Forensics and Vulnerability Management.
For SAP Concur we are looking for a Security Engineer to prevent, detect, and correct security flaws in Concur software. SAP Concur is a B2B business that has millions of end users, providing best in class Web based SAAS Applications. Our customers have high expectations of us that the software we deliver them is secure and that SAP Concur protects their data. SAP Concur’s application security team therefore supports security tooling, process, and governance across the secure development lifecycle.
What is this team’s tech stack today?
As a team, Application Security has to be somewhat language agnostic as the security engineer will work with many teams across the organization, there will be exposure to: C#, Java, Go Lang, NodeJS among others, in Web environment, based on microservices, and REST APIs.
⦁ Designing and maintaining software security in an Agile and platform-oriented environment is an exciting challenge: your mission is to ensure best-in-class security and data protection for Concur and its customers while enabling fast-paced innovation on Concur SaaS and mobile solutions
⦁ Securing both older and newer web applications, rest APIs and Mobile Apps with process, tooling, and by educating developers.
⦁ Development background particularly building enterprise Web applications and working knowledge of securing applications in a cloud environment (mostly AWS)
⦁ Experience in identifying security flaws in current code, ability to evaluate risk, triage and provide remediation solutions
⦁ Understanding of Web Application security risks, including but not limited to OWASP top 10
⦁ Proficiency with auditing object-oriented languages and script-based languages for vulnerabilities
⦁ Experience threat modeling at scale - applications and experience securing REST services
⦁ Ability to oversee multiple projects in order to preserve the architectural vision and protect stakeholder interests as well as to meet operational and financial reporting requirements
Valid through: 8/25/2020
$100K — $110K + $3000K bonus