SAP Vulnerability management Specialist

Must exp -

1. SAP Vulnerability management tools like SecurityBridge, Onapsis, Pathlock, SAP CVA, SAP ETD.
2. SAP integration with SIEM solution.
3. SAP ABAP code scanning
4. SAP cyber security baseline development
5. SAP security event monitoring and alert analysis
6. SAP security patch management
7. Experience of defining SAP VM processes and wok with InfoSec, SAP Basis, SAP Security, SAP ABAP, SAP Functional teams.

Responsibilities:

1. Vulnerability Identification: Conduct regular scans and audits of the SAP landscape to identify vulnerabilities in SAP applications, databases, operating systems, and associated infrastructure.
2. Risk Assessment: Evaluate the risks associated with identified vulnerabilities, considering the potential impact on business operations and the likelihood of exploitation.
3. Patch Management: Coordinate with the IT and SAP teams to ensure timely application of patches and other remedial actions to mitigate risks.
4. Security Enhancements: Recommend security enhancements and best practices for SAP configuration settings to strengthen system security posture.
5. Compliance and Reporting: Ensure compliance with internal policies and external regulations related to data security and privacy. Prepare and present regular vulnerability assessment reports to senior management.
6. Incident Response: Participate in incident response activities for security breaches involving SAP systems, including post-event analyses and the development of preventative measures.
7. Stakeholder Collaboration: Work closely with various stakeholders, including SAP administrators, IT security, compliance teams, and external vendors, to ensure a unified approach to security.
8. Required Qualifications: Bachelor s degree in information security, Computer Science, Information Systems, or a related field. Minimum of 5 years of experience in SAP security or a closely related field, with a focus on vulnerability management and risk assessment. Proficient in tools and techniques for scanning and mitigating

vulnerabilities in SAP environments. Familiarity with SAP security architectures and the SAP Basis system. Strong understanding of cybersecurity principles, frameworks (e.g., ISO 27001, NIST), and regulatory requirements (e.g., GDPR, SOX). Excellent analytical, problem-solving, and organizational skills. Strong verbal and written communication skills.

Preferred Qualifications: SAP Certified Technology Associate or similar certifications. Experience with cybersecurity tools such as SAP Solution Manager, SAP GRC, and third-party vulnerability assessment tools. Experience in scripting languages for automation of vulnerability scans and reports.