Spinnaker Support

SAP Security Services Architect

Spinnaker Support  •  United Kingdom of Great Britain and Northern Ireland (Remote)  •  3 months ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Spinnaker Support provides global enterprise software support, managed services, and project-based consulting to many of the world’s most recognized and respected brands. Founded in 2008, our customer focus, business integrity, exacting standards, and depth of expertise have earned us the trust and loyalty of over 1,300 organizations located in 104 countries. Our dedicated international team works closely with every customer to ensure they receive exceptional, customized services that clear the way for their operational success. Today, Spinnaker Support is proud to be the industry’s highest-rated provider for third-party software support services for VMware, Oracle and SAP.

We have an immediate need for an SAP Security Services Architect based in the UK or South Africa. This position can be based out of your home office. The Security Services Architect will be responsible for developing and maintaining the operations of security products and offering within Spinnaker Support. This role will serve to define and deliver Spinnaker Support’s approach to security within the 3rd party support and managed service markets.

This position requires a deep knowledge of the SAP architecture and experience in applying defense in depth strategies to SAP systems. This position will be responsible for providing guidance to clients on attack surface reduction strategies in relationship to the SAP system landscape. This will include identifying, documenting, and guiding clients in security best practices related to the applications, network and infrastructure of SAP systems. This position requires a person with multiple years of hands-on technical expertise in hardening the SAP environment. The applicant should have an in-depth knowledge and understanding of SAP Subnets and network DMZ.

Direct Responsibilities:

  • SAP CVE and vulnerability analysis - Researching newly disclosed vulnerabilities, assessing technical impact, and developing hardening guidance.
  • Security bulletin authoring - Writing customer-facing monthly bulletins summarizing threats and remediation steps for vulnerabilities identified in SAP Security Patch Day notifications.
  • Rapid response for critical vulnerabilities - Developing and communicating guidance when high-severity or zero-day SAP vulnerabilities emerge.
  • Structured security assessment delivery - Conducting assessments, analyzing results, compiling reports with actionable remediation recommendations
  • Customer case management - Triaging and responding to customer security inquiries.

Required Competencies and Experience:

  • 7+ years of SAP technical experience
  • 3+ years of SAP security hardening, attack surface reduction, and vulnerability analysis
  • 3+ years of scripting and automation
  • Proven technical writing skills with the ability to document details for complex solutions.
  • Deep knowledge of the security architecture across multiple deployment platforms (network, firewall, computer, storage, database and application)
  • A detailed understanding of common network topologies and their application to security mitigation.
  • Strong field-level/consultative experience with ability to staff teams to meet customer support and service requirements
  • Strong analytical skills with ability to understand and document details for complex solutions
  • Experience in performing NetWeaver AS system security operations.
  • Fundamental knowledge of protecting SAP infrastructure at SAP/OS and DB level.
  • Understanding of different SAP products at architectural level
  • Understanding of SAP Security Note Monitoring/Telemetry and Proficiency with SAP Vulnerability Management
  • Working knowledge of SAP users, roles and authorizations

Preferred

  • 2+ years Python scripting programming
  • C_SEC_2405 - SAP Certified Associate - Security Administrator
  • Management and implementation of RFC Gateway and SNC
  • Substantive knowledge of SSO, SNC and SSL
  • Security certified
    • Information Systems Security Architecture Professional (ISSAP)
    • Relevant GIAC certifications (e.g., GSEC, GEVA, GPEN, GSNA)
  • 1+ year of Application Security Testing
  • Experience in addressing SAP vulnerabilities beyond leveraging SAP Notes.

For California based applicants, see our CCPA policy here - Privacy Policy

Spinnaker Support

About Spinnaker Support

Spinnaker is the premier global provider of on-premise and cloud-based enterprise software support services. Mid-size to Fortune 100 global enterprises and public sector organizations that run Oracle, SAP, and VMware software turn to us for third-party support, managed services, and/or consulting services.

Our exacting standards, proven processes, and depth of expertise have earned us the trust and loyalty of over 1,300 organizations located in 104 countries. The type of services we provide for our customers are critical to their successful operation. We monitor, maintain, enhance, and secure their software through changing business conditions to ensure it is always operating at peak performance.

In 2021, we announced Ultimate Support Guarantee, our commitment to delivering a high-quality support experience to our customers and the first and only such Guarantee in the market. We embrace and resolve complex challenges that others in our industry shy away from – and we always do it at a fair price.

Industry
IT & Software
Company Size
201-500 employees
Headquarters
Greenwood Village, CO
Year Founded
2002
Website
spinnakersupport.com
Social Media