SAP Security Services Architect

Spinnaker Support provides global enterprise software support, managed services, and project-based consulting to many of the world’s most recognized and respected brands. Founded in 2008, our customer focus, business integrity, exacting standards, and depth of expertise have earned us the trust and loyalty of over 1,300 organizations located in 104 countries. Our dedicated international team works closely with every customer to ensure they receive exceptional, customized services that clear the way for their operational success. Today, Spinnaker Support is proud to be the industry’s highest-rated provider for third-party software support services for VMware, Oracle and SAP.

We have an immediate need for an SAP Security Services Architect based in the UK or South Africa. This position can be based out of your home office. The Security Services Architect will be responsible for developing and maintaining the operations of security products and offering within Spinnaker Support. This role will serve to define and deliver Spinnaker Support’s approach to security within the 3^rd party support and managed service markets.

This position requires a deep knowledge of the SAP architecture and experience in applying defense in depth strategies to SAP systems. This position will be responsible for providing guidance to clients on attack surface reduction strategies in relationship to the SAP system landscape. This will include identifying, documenting, and guiding clients in security best practices related to the applications, network and infrastructure of SAP systems. This position requires a person with multiple years of hands-on technical expertise in hardening the SAP environment.  The applicant should have an in-depth knowledge and understanding of SAP Subnets and network DMZ. 

• →SAP CVE and vulnerability analysis - Researching newly disclosed vulnerabilities, assessing technical impact, and developing hardening guidance.
• →Security bulletin authoring - Writing customer-facing monthly bulletins summarizing threats and remediation steps for vulnerabilities identified in SAP Security Patch Day notifications.
• →Rapid response for critical vulnerabilities - Developing and communicating guidance when high-severity or zero-day SAP vulnerabilities emerge.
• →Structured security assessment delivery - Conducting assessments, analyzing results, compiling reports with actionable remediation recommendations
• →Customer case management - Triaging and responding to customer security inquiries.

• 7+ years of SAP technical experience
• 3+ years of SAP security hardening, attack surface reduction, and vulnerability analysis
• 3+ years of scripting and automation
• Proven technical writing skills with the ability to document details for complex solutions.
• Deep knowledge of the security architecture across multiple deployment platforms (network, firewall, computer, storage, database and application)
• A detailed understanding of common network topologies and their application to security mitigation.
• Strong field-level/consultative experience with ability to staff teams to meet customer support and service requirements
• Strong analytical skills with ability to understand and document details for complex solutions
• Experience in performing NetWeaver AS system security operations.
• Fundamental knowledge of protecting SAP infrastructure at SAP/OS and DB level.
• Understanding of different SAP products at architectural level
• Understanding of SAP Security Note Monitoring/Telemetry and Proficiency with SAP Vulnerability Management
• Working knowledge of SAP users, roles and authorizations

• 2+ years Python scripting programming
• C_SEC_2405 - SAP Certified Associate - Security Administrator
• Management and implementation of RFC Gateway and SNC
• Substantive knowledge of SSO, SNC and SSL
• Security certified
  • Information Systems Security Architecture Professional (ISSAP)
  • Relevant GIAC certifications (e.g., GSEC, GEVA, GPEN, GSNA)
• 1+ year of Application Security Testing
• Experience in addressing SAP vulnerabilities beyond leveraging SAP Notes.