SAP Penetration Tester

Siemens s.r.o. - Siemens Healthineers08.08.2020

Position information

Place of work

Region Žilina

Job description, position information

We are looking for an SAP Penetration tester to work in the Healthcare Cyber Security sector in Bratislava, Žilina or Košice.


With a strong focus on SAP environment your tasks will be the following:

  • Identification of security vulnerabilities
  • Executing scans, penetration tests, source code analysis, reverse engineering
  • Automating vulnerability assessment and penetration testing using scripting
  • Provision of security advice with respect to the mitigation and elimination of weaknesses identified in accordance with current Cyber Security Standards by proposing changes from source code to software architecture
  • Continuous analysis of threats and weaknesses to develop improved software security concepts
  • Creation of application security guidelines and integration of those into the relevant operational and development processes
  • Continuous improvement of know how in the field of application security
  • Support and oversee the implementation of suggested measures to ensure that Cyber Security is part of the ongoing process
  • Analysis of communications security
  • Review of roles, profiles and authorization objects to identify potential escalation of privileges


More about our company: https://www.healthcare.siemens.sk/

  

What are we expecting?  

Education  

Master’s degree in Computer Science (or related field) or equivalent work experience  
  

Skills  

Language skills:  
English - advanced  

Knowledge of German language is highly beneficial  
  
 Professional skills:  

  • Multi-year experience in the field of cyber security
  • Good understanding of software development and software architecture
  • Solid knowledge of technical and organizational aspects of information security
  • Scripting in Power Shell
  • Experienced with security frameworks NIST, SOX, HIPPA, OWASP
  • Experience with using various pentesting tools (BurpSuite, Metasploit, Nessus, SQLmap, etc )
  • Understanding of HTTP protocol and analysis of computer networks with Wireshark
  • Good understanding of intrusion prevention in IT systems, networks and applications backed up by knowledge of theoretical and practical methods, e.g. threat analysis, penetration test, etc
  • Ability to clearly communicate and present technical topics
  • Ability to consult in technical and management-related matters
  • Experience with threat modeling


SAP specific knowledge on:

  • SAP landscape setup & transports
  • SAP related communications and SNC
  • ABAP programming language
  • Usage of authorization objects, profiles, roles and composite roles
  • SAP related web services, e.g. ICF
  • BAPI interfaces
  • User types & authentication mechanisms
  • SAP hardening
  • SAP BASIS administration

  

Personality requirements and skills:  

  • Good analytical and problem-solving skills   
  • Good aptitude for learning new technologies  
  • Must be able to work in a team environment  
  • Advanced interpersonal and communications skills  
  • Good written and verbal communication skills  
  • Good organizational skills
  • Result oriented
  • Self-motivated
  • Highly collaborative

What we can offer?
• Adjustable standing desk as a standard
• MSDN license for each developer with prepaid access to AZURE
• Free access to PLURALSIGHT – the WBT platform
• Team building program - 2 days adventure offsite meeting for all employees every year, Christmas party, extra budget for team building events
• Participation on world famous IT conferences like Microsoft IGNITE for best employees
• Wide project portfolio in healthcare domain and job rotation within company (Cybersecurity, Artificial Intelligence, Healthcare IT services, …)
• Training and development program (business and product trainings, e-learning, language courses, soft skills trainings,…)
• Health program (contracted wellness providers, sport centers, salary reimbursement in case of illness
• Retention program (work anniversary, life anniversary, additional pension plan, employee loans)
• Family care program (subsidy for newborns, maternity leave, kindergardens, summer camps)


Specification of compensation package

From 2500 € + VAR

Contract type

full-time

Requirements on employee