SAP NS2 Cloud Information System Security Engineer (ISSE) - Herndon, VA 20171 Job
Herndon (Fairfax County) Infra / Networks / Telecom
Job description
Requisition ID: 134490
Work Area: Information Technology
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time
COMPANY DESCRIPTION
As market leader in enterprise application software, SAP helps companies of all sizes and industries innovate through simplification. From the back office to the boardroom, warehouse to storefront, on premise to cloud, desktop to mobile device – SAP empowers people and organizations to work together more efficiently and use business insight more effectively to stay ahead of the competition. SAP applications and services enable customers to operate profitably, adapt continuously, and grow sustainably.
SAP NS2 Cloud Information System Security Engineer (ISSE) – Herndon, VA 20171
COMPANY DESCRIPTION
SAP is the global market leader for business software and related services, and SAP National Security Services Inc. ® (SAP NS2®) is an independent U.S. subsidiary, offering SAP solutions with specialized levels of security and support to meet the requirements of U.S. national security and critical infrastructure customers.
Must be a U.S. Citizen
Must be Dept. of Defense Directive 8570.1 compliant (CISSP or equivalent certification for acceptance)
All internals must have manager’s approval to transfer.
Position Summary
The Security Team Engineer will be responsible for the Enterprise Security Management, maintenance, and architecture of the IT Security Infrastructure for Public-Sector SaaS/IaaS Cloud-Computing platforms in our Herndon, VA 20171 location. Including the installation, configuration, upgrade, patching, maintenance & monitoring, DDoS mitigation, intrusion prevention and detection lifecycles.
All Security Team participants will ensure proper configuration of all Firewall’s, IDS/IPS, Identity Management, SIEM and Security Forensics landscapes, including, but not limited to Cisco Sourcefire/TippingPoint or relevant enterprise IDS/IPS experience, Splunk, Tripwire, Encryption and Monitoring Tools to support the requirements of FedRAMP compliant cloud.
This role serves as a "hands-on" technical staff person who provides technical cyber and information security architecture expertise and guidance to team members and collaborates with other IT teams to address and resolve security issues.
General Responsibilities
· Expert & Consultation: Functions as a consultant to other Infrastructure groups as an Infrastructure Cyber Security expert.
· Forecasts system capacity needs, prioritizes work based on departmental priorities and system criticality, functions as an inter/intra-group liaison, performs complex analysis, proactively identifies problems and makes recommendations regarding solutions, and maintains responsibility for end-user (customer) satisfaction.
· Create and maintain documentation as it relates to infrastructure systems, design, configuration, support and processes.
· Provide 24x7 L4/L5 escalation support for all Security Infrastructure platforms on a rotational basis.
· Maintains reports on Security Systems utilization, availability and growth patterns.
· Experience developing, evaluating, and implementing cyber and information security architectures, technologies, standards, and practices to secure applications and IT systems.
· Plans, and performs comprehensive systems analysis and design activities including development of detailed functional requirements for new information technology systems, applications or software
· Provides the in-depth knowledge of leading edge security tools and techniques for mitigating system vulnerabilities to include designing and deploying HIDS, NIDS, and various related tool sets.
· Responsible for deploying and managing a network and security operations command center to include operation of firewalls, Intrusion Detection Systems, and 24x7 monitoring of these networks
· Reviews system architecture for system development , computes and estimates resources needed to prepare and manage Service Level Agreements (SLA)
· Serves as an expert and consultant to higher management officials and executive level management within and outside the organization to provide advice on integrating information security technology programs and functions to meet the needs of the Cloud
· Demonstrated experience and subject matter knowledge in cyber and information security for applications, web architectures, operating systems, databases, and networks (not all required).
· Understand the security development lifecycle (SDL) processes for internally developed applications, including the web-based and Internet facing components.
· Assess application and web architectures and operating systems for vulnerabilities and develop appropriate security countermeasures.
· Assess, configure, and test security applications and systems, such as Cisco Sourcefire firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec, and web services security.
· Demonstrated leadership ability.
· Conduct research, cost-benefit and return-on-investment analysis on proposed hardware, software and systems to justify recommendations, support purchasing efforts and in making infrastructure design and architecture decisions.
· Investigation of failures to find the root cause and drive resolution.
• · Promotes teamwork through effective communication which includes but not limited to, encouraging others participation in problem resolution and project oriented tasks.
· Responsible for Security-related and maintainability audit of all new environments or environmental updates
· Preparing written and oral presentations of complex technical and program management information to all levels involved
Ability to conduct assessments of the system for compliance with applicable security frameworks (such as NIST 800-53, NIST 800-171, etc.)
Qualifications:
· BA/BS in Computer Science, Information Technology, Business, or any other applicable field with at least 3 years or equivalent experience in Information Security, Information Technology, or related technical discipline
· Strong organizational skills and prior experience in a similar role as an Engineer, Lead or Architect
· Proficient level UNIX computer skills; Basic Scripting: Perl, Python, Shell
· Infrastructure and Orchestration/Automation Experience preferred: Tripwire, IDS and IPS sensor tuning, Splunk, TrendMicro, McAfee ePO, HSM, and WAF.
· Must possess at least two professional industry certifications in area of expertise. These include but are not limited to:
· CISSP (Preferred)
· AWS Certificate (Preferred)
· Cloud Security Certification
· Vendor certification (CCNA, etc)
· Mastery of Encryption Mechanisms/Techniques and state-of-art applications; Security Controls; Network Intrusion Detection; Configuration Management; Firewall Management; System Security Configurations; Patch management; and Network Infrastructure Security
· Ability to meet stringent deadlines; manage and prioritize tasks appropriately.
· Advanced ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.
SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: or , APJ: , EMEA: C ). Requests for reasonable accommodation will be considered on a case-by-case basis.
EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.
Additional Locations:
Nearest Major Market: Washington DC