Senior Security Expert (m/f/d)

Walldorf, BW, DE

msg global solutions

msg global solutions is a systems integrator, software development partner and managed services provider focused on SAP solutions.

View all jobs at msg global solutions

Apply now Apply later

What you will do​

 

As a Senior Security Expert, you will play an essential role in ensuring the security of our multi-tenant cloud product. You will focus on product security, work proactively with DevOps Engineers, Developers, QA Engineers, System Analysts, and Project Managers to integrate robust security measures, and ensure a secure product lifecycle. Your role will involve hands-on security assessments, implementing automated security tools, and representing product security both within the organization and externally.

 

Key Responsibilities:

  • Threat Modeling, Risk Assessment, and Security Requirements:
    • Conduct threat modeling and risk assessments to identify and prioritize vulnerabilities in our multi-tenant cloud environment as well as set security requirements from the start of the development lifecycle.
  • Security Testing and Vulnerability Management:
    • Lead static (SAST) and dynamic (DAST) application security testing, as well as SAP-initiated validations like penetration tests to ensure vulnerabilities are remediated prior to deployment.
    • Oversee the integration and maintenance of security tools (e.g., Mend, Checkmarx) in CI/CD pipelines, manage ticket processing for vulnerabilities and drive continuous automation in security testing.
  • Integration of Security in the Development Lifecycle (SDLC):
    • Embed security throughout the SDLC, enforce secure coding standards and collaborate with DevSecOps to integrate automated security checks.
    • Drive the setup and integration of additional security checks (e.g., Docker binary scans) within development pipelines to ensure comprehensive product security.
  • Identity and Access Management (IAM):
    • Implement identity and access management (IAM) policies, enforce least privilege principles, and manage role-based access control (RBAC) with DevOps to secure multi-tenant environments.
  • Security Policy Development and Enforcement:
    • Develop, document, and enforce security policies and standards, while integrating best practices across the product lifecycle.
    • Regularly review and adjust policies to align with the latest security threats and industry as well as SAP standards.
  • External Representation and Product Security Advocacy:
    • Represent product security in interactions with SAP and external stakeholders, while leveraging expertise in cloud security to address challenges and drive innovation, including initiatives like Zero Trust Architecture.
    • Develop an in-depth understanding of the product’s architecture and infrastructure to provide comprehensive security insights.
    • Conduct regular security training for development and operations teams, promoting secure coding and a security-first culture.
    • Keep teams updated on emerging threats, vulnerabilities, and best practices.

 

What we are looking for​

Requirements​

  • Minimum 7 years of proven experience in cloud product security, ideally with exposure to SAP BTP or similar platforms.
  • Strong technical expertise in security assessments, penetration testing, threat modeling, and managing product security response processes.
  • Hands-on experience with security scanning tools (e.g Mend, Checkmarx) along with SAST/DAST testing capabilities and familiarity with Docker and binary scanning tools.
  • Knowledge of security frameworks (like OWASP).
  • Demonstrated ability to lead initiatives and drive continuous security improvements in a collaborative environment.
  • Strong communication and collaboration skills to work effectively with DevOps, DevSecOps, compliance as well as  engineering teams.
  • A proactive, hands-on approach to security with the ability to advocate for security best practices at all levels.
  • Fluency in English, written and spoken.

 

What we offer​

  • A place where individuals are equally valued and where diversity and cultural differences are cherished.
  • A global team of highly respected SAP and industry experts where you can make a difference.
  • Competitive salaries and a broad range of benefits (Company Bike, Employee Wellbeing Benefits, New Office Space...)
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  3  0  0

Tags: Application security Automation Checkmarx CI/CD Cloud Compliance DAST DevOps DevSecOps Docker IAM OWASP Pentesting Product security Risk assessment SAP SAST SDLC Security assessment Vulnerabilities Vulnerability management Zero Trust

Region: Europe
Country: Germany

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.