About this role

We help the world run better. At SAP, we keep it simple: you bring your best to us, and we'll bring out the best in you. We're builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what's next. The work is challenging – but it matters. You'll find a place where you can be yourself, prioritize your wellbeing, and truly belong. What's in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.

We are seeking a DevOps Security Engineer to join our dynamic team. The ideal candidate will have extensive experience in securing and optimizing cloud-based infrastructure, with a strong preference for expertise in Kubernetes. Experience working in regulated environments such as FedRAMP or KRITIS is highly desirable. This role requires the ability to work collaboratively within a team setting to ensure the security, scalability, and reliability of our systems.

Key Responsibilities:

Security and Compliance:

Implement and maintain security measures to protect infrastructure and data.
Ensure compliance with regulatory standards such as FedRAMP and KRITIS.

DevOps and Infrastructure:

Design, implement, and manage secure and scalable infrastructure on cloud platforms.
Automate deployment, monitoring, and management of infrastructure using tools like Terraform, Ansible, or Puppet.
Troubleshoot and resolve infrastructure and application issues.

Kubernetes Expertise:

Manage and secure Kubernetes clusters.
Deploy and manage containerized applications using Kubernetes.
Implement Kubernetes-native security controls and best practices.

Team Collaboration:

Work closely with development, operations, and security teams to ensure seamless integration of security into the DevOps pipeline.
Participate in code reviews, pair programming, and team meetings.

Required Skills and Qualifications:

Technical Skills:

Strong knowledge of Kubernetes and containerization technologies (e.g., Docker).
Experience with cloud platforms (e.g., AWS, GCP, Azure, OpenStack).
Familiarity with infrastructure as code (IaC) tools (e.g., Terraform, Ansible).
Proficiency in CI/CD pipelines and tools (e.g., GitLab CI, ArgoCD, Concourse).

Security Skills:

Experience with security tools and practices (e.g., SIEM, IDS/IPS, threat modeling).
Knowledge of secure coding practices and OWASP Top 10.
Familiarity with encryption standards and key management practices.

Compliance and Regulation:

Experience working in regulated environments (FedRAMP, KRITIS) is highly preferred.
Understanding of compliance standards and how to achieve them.

Soft Skills:

Excellent communication and collaboration skills.
Ability to work independently and in a team setting.
Strong problem-solving and troubleshooting abilities.
Adaptability to changing priorities and a fast-paced environment.

Education:

Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent experience).

Preferred Qualifications:

Certifications in cloud platforms (e.g., AWS Certified Solutions Architect, Google Cloud Certified Professional Cloud Architect).
Certifications in security (e.g., CISSP, Certified Kubernetes Security Specialist).

What We Offer: