Cloud Security Architect

**We help the world run better**

**ABOUT THE ROLE**

Enterprise Cloud Services (ECS) is a business unit in the Product Engineering Board Area.
Enterprise Cloud Services supports customers throughout their cloud transformation and SAP S/4HANA Private Cloud adoption journey (PCE, RISE with SAP). We run the Intelligent Enterprise so they can be an Intelligent Enterprise. Our portfolio of SAP HANA Enterprise Cloud Private Cloud Edition (PCE part of RISE with SAP) and SAP Cloud Application Services turns SAP products into a solution-as-a-service on customer’s preferred infrastructure, including Hyperscalers, as one SAP.

In your role as Cloud Security Architect you will support the development and execution of enterprise-wide Cloud security program by defining and managing security controls for a multi-cloud architecture (Azure, AWS and GCP). You will work closely with our Defensive Architecture Lead and our Chief Security Architect and you will defend SAP Enterprise Cloud Services and develop appropriate measures for detecting, protecting, and responding to cyber threats.

You will report directly to ECS Chief Security Officer and you will support the CSO office, responsible for the effective and efficient security strategy, security programs, and services.

**What you will do**
- Configure, maintain, deploy, and write rules in Cloud security tools (CSPM, CWPP, CNAPP)
- Design and implement 3rd party and cloud-native tooling to meet defined requirements
- Develop standard operating procedures and trainings for each technology
- Architect and continuously improve security technology stack, process and procedures, support model and cross-function interactions utilizing automation where possible for Azure, AWS and GCP
- Review and assess utilization of Cloud security tooling and services (ex. Kubernetes)
- Promote and drive adoption of Cloud security tooling across the enterprise
- Partner across the Security Operations team to respond to cybersecurity incidents
- Develop and report Cloud security coverage metrics and remediation plans
- Define procedures to validate the effectiveness of the design, deployment, and management of security controls that aim to maintain confidentiality, integrity, and availability of Cloud networks and technology platforms

**What you bring**
- Strong experience operating in at least one cloud provider (Azure, AWS, GCP),preferably Azure
- Strong understanding of Kubernetes security
- Strong understanding of Cloud security industry standards and best practices (CSA CCM, CIS benchmarks, etc.)
- Strong understanding of Operations and maintenance of Cloud security technology stack (CSPM, CWPP, CIEM, Cloud native features like GuardDuty, AWS Config, Amazon Inspector, etc.)
- Proficient use of Linux
- Working proficiency with at least one scripting language (Python, Powershell, etc.)
- Hands-on experience with proxies, load balancers, virtual machines, containers, and/or serverless technologies
- Hands-on experience with SecDevOps technologies including Docker, Kubernetes, Jenkins, Terraform, and/or Cloudformation

**What you get from us**
Success is what you make it. At SAP, we help you make it your own.

ECSCareers

**We build breakthroughs together**

**We win with inclusion**

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone - regardless of background - feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.

**EOE AA M/F/Vet/Disability**:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.

Requisition ID: 379750 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid.