The offer is inactive, it is not possible to respond to it.
SAP Penetration Tester
Siemens s.r.o. - Siemens HealthineersJob information
Job description, information about job
We are looking for an SAP Penetration tester to work in the Healthcare Cyber Security sector in Bratislava, Žilina or Košice.
With a strong focus on SAP environment your tasks will be the following:
- Identification of security vulnerabilities
- Executing scans, penetration tests, source code analysis, reverse engineering
- Automating vulnerability assessment and penetration testing using scripting
- Provision of security advice with respect to the mitigation and elimination of weaknesses identified in accordance with current Cyber Security Standards by proposing changes from source code to software architecture
- Continuous analysis of threats and weaknesses to develop improved software security concepts
- Creation of application security guidelines and integration of those into the relevant operational and development processes
- Continuous improvement of know how in the field of application security
- Support and oversee the implementation of suggested measures to ensure that Cyber Security is part of the ongoing process
- Analysis of communications security
- Review of roles, profiles and authorization objects to identify potential escalation of privileges
More about our company: https://www.healthcare.siemens.sk/
What are we expecting?
Education
Master’s degree in Computer Science (or related field) or equivalent work experience
Skills
Language skills:
English - advanced
Knowledge of German language is highly beneficial
Professional skills:
- Multi-year experience in the field of cyber security
- Good understanding of software development and software architecture
- Solid knowledge of technical and organizational aspects of information security
- Scripting in Power Shell
- Experienced with security frameworks NIST, SOX, HIPPA, OWASP
- Experience with using various pentesting tools (BurpSuite, Metasploit, Nessus, SQLmap, etc )
- Understanding of HTTP protocol and analysis of computer networks with Wireshark
- Good understanding of intrusion prevention in IT systems, networks and applications backed up by knowledge of theoretical and practical methods, e.g. threat analysis, penetration test, etc
- Ability to clearly communicate and present technical topics
- Ability to consult in technical and management-related matters
- Experience with threat modeling
SAP specific knowledge on:
- SAP landscape setup & transports
- SAP related communications and SNC
- ABAP programming language
- Usage of authorization objects, profiles, roles and composite roles
- SAP related web services, e.g. ICF
- BAPI interfaces
- User types & authentication mechanisms
- SAP hardening
- SAP BASIS administration
Personality requirements and skills:
- Good analytical and problem-solving skills
- Good aptitude for learning new technologies
- Must be able to work in a team environment
- Advanced interpersonal and communications skills
- Good written and verbal communication skills
- Good organizational skills
- Result oriented
- Self-motivated
- Highly collaborative
What we can offer?
• Adjustable standing desk as a standard
• MSDN license for each developer with prepaid access to AZURE
• Free access to PLURALSIGHT – the WBT platform
• Team building program - 2 days adventure offsite meeting for all employees every year, Christmas party, extra budget for team building events
• Participation on world famous IT conferences like Microsoft IGNITE for best employees
• Wide project portfolio in healthcare domain and job rotation within company (Cybersecurity, Artificial Intelligence, Healthcare IT services, …)
• Training and development program (business and product trainings, e-learning, language courses, soft skills trainings,…)
• Health program (contracted wellness providers, sport centers, salary reimbursement in case of illness
• Retention program (work anniversary, life anniversary, additional pension plan, employee loans)
• Family care program (subsidy for newborns, maternity leave, kindergardens, summer camps)
• Adjustable standing desk as a standard
• MSDN license for each developer with prepaid access to AZURE
• Free access to PLURALSIGHT – the WBT platform
• Team building program - 2 days adventure offsite meeting for all employees every year, Christmas party, extra budget for team building events
• Participation on world famous IT conferences like Microsoft IGNITE for best employees
• Wide project portfolio in healthcare domain and job rotation within company (Cybersecurity, Artificial Intelligence, Healthcare IT services, …)
• Training and development program (business and product trainings, e-learning, language courses, soft skills trainings,…)
• Health program (contracted wellness providers, sport centers, salary reimbursement in case of illness
• Retention program (work anniversary, life anniversary, additional pension plan, employee loans)
• Family care program (subsidy for newborns, maternity leave, kindergardens, summer camps)