Siemens Careers

SAP Security Expert (m/f)

Amadora, Portugal
Information Technology

Apply
English (UK)

Job Description

What are my responsibilities?

  • Assess enterprise applications, products and solutions with tool-based and manual penetration testing methods (Web Technologies, Rich Clients, SAP, Networks, protocols, IoT, solutions, services, embedded devices)
  • Review reports of security assessments of SAP systems
  • Find new vulnerabilities in business applications, products and solutions and prove their relevance with exploit scripts
  • Evaluate vulnerabilities, including CVSS rating
  • Investigate compliance of, for instance, OSs, databases, etc, to existing security measure plans (Windows, Linux, Apache, MYSQL, …)
  • Write client reports detailing vulnerabilities' exploitation, risk evaluation and respective mitigations
  • Explain vulnerabilities and their impact to technical experts, as well as management personnel
  • Perform root-cause analysis and lessons learned with developers and architects to improve security sustainably

 

What do I need to qualify for this job?

  • Experience in hands-on penetration testing or red team engagement
  • Experience in current attack methods, manual penetration testing methods, and hacking tools–Nmap, Metasploit, Kali Linux, Burp Suite Pro–as a starting point for intensive manual security tests and self-developed testing tools
  • Review and ensure the secure configuration of OSs (Windows, Linux), network devices (firewalls, routers), and mobile platforms (iOS, Android)
  • Experience in analyzing rich clients (Java, .NET, binary) and their techniques, such as debugging, API hooking, fuzzing, and exploit generation is a plus
  • Experience in hardware hacking (JTAG, internal bus systems) a plus
  • Proficiency in programming languages such as C/C++, Java, .NET, Python, and manual source code spot checks to find new vulnerabilities is a plus
  • Experience in SAP ABAP/Java Stack and HANA administration is a plus
  • Experience in fuzzing a plus
  • Academic background in relevant field
  • Relevant Certifications like OSCP, CEH, CISSP, CISA, CISM preferred but not required
  • Fluent in spoken and written English 

Want to know more?

 

Corporate Technology

 

With its 7,000 employees, Siemens Corporate Technology (CT) works hand in hand with the company’s business units to ensure Siemens’ future. 

 

CT Cybersecurity

 

Working Together to Strengthen Cybersecurity - check it out: https://www.siemens.com/global/en/home/company/innovation/pictures-of-the-future/cybersecurity.html

 

#LXTechHub

 

You will join the global Corporate Technology Cybersecurity Lisbon team. At the Siemens Lisbon Tech Hub we are reinventing the world of today and tomorrow - check it out: https://www.siemens.com/pt/en/home/company/hr/jobs/lisbontechhub.html

 

#itsec #cybersecurity #ITMakesUsMove #LxTechHub


Job ID: 103872

Organization: Corporate Technology

Experience Level: Experienced Professional

Job Type: Full-time





Can't find what you are looking for?

Let's stay connected

Can't find what you are looking for?