Skip to content


Herndon VA Full Time Posted: Saturday, 13 January 2018
Applicants must be eligible to work in the specified location

Requisition ID: 167152
Work Area: Information Technology
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time


As market leader in enterprise application software, SAP helps companies of all sizes and industries innovate through simplification. From the Back Office to the boardroom, warehouse to storefront, on premise to cloud, desktop to mobile device - SAP empowers people and organizations to work together more efficiently and use business insight more effectively to stay ahead of the competition. SAP applications and services enable customers to operate profitably, adapt continuously, and grow sustainably.

SAP NS2 Cloud Information System Security Engineer (ISSE)-Herndon, VA 20171


SAP is the global market leader for business software and related services, and SAP National Security Services Inc. ® (SAP NS2®) is an independent U.S. subsidiary, offering SAP solutions with specialized levels of security and support to meet the requirements of U.S. national security and critical infrastructure customers.

Must be a U.S. Citizen

Must be Dept. of Defense Directive 8570.1 compliant (CISSP or equivalent certification for acceptance)

All internals must have manager's approval to transfer.

Position Summary

The Security Team Engineer will be responsible for the Enterprise Security Management, maintenance, and architecture of the IT Security Infrastructure for Public-Sector SaaS/IaaS Cloud-Computing platforms. Including the installation, configuration, upgrade, patching, maintenance & monitoring, DDoS mitigation, intrusion prevention and detection lifecycles.

All Security Team participants will ensure proper configuration of all Firewall's, IDS/IPS, Identity Management, SIEM and Security Forensics landscapes, including, but not limited to Cisco Sourcefire/HP TippingPoint or relevant enterprise IDS/IPS experience, Splunk, TippingPoint, Tripwire, Encryption and Monitoring Tools to support the requirements of FedRAMP compliant cloud.

This role serves as a "hands-on" technical staff person who provides technical cyber and information security architecture expertise and guidance to team members and collaborates with other IT teams to address and resolve security issues.

General Responsibilities

  • Expert & Consultation: Functions as a consultant to other Infrastructure groups as an Infrastructure Cyber Security expert.
  • Forecasts system capacity needs, prioritizes work based on departmental priorities and system criticality, functions as an inter/intra-group liaison, performs complex analysis, proactively identifies problems and makes recommendations regarding solutions, and maintains responsibility for end-user (customer) satisfaction.
  • Proactively monitor, test, collect and analyze system performance statistical data to improve quality & ensure optimal performance of all Storage environments.
  • Create and maintain documentation as it relates to infrastructure systems, design, configuration, support and processes.
  • Diagnose and resolve complex configuration and bottleneck issues within a complex application & systems infrastructure.
  • Provide 24x7 L4/L5 escalation support for all Security Infrastructure platforms on a rotational basis.
  • Maintains reports on Security Systems utilization, availability and growth patterns.
  • Experience developing, evaluating, and implementing cyber and information security architectures, technologies, standards, and practices to secure applications and IT systems.
  • Plans, and performs comprehensive systems analysis and design activities including development of detailed functional requirements for new information technology systems, applications or software
  • Provides the in-depth knowledge of leading edge security tools and techniques for mitigating system vulnerabilities
  • Responsible for designing and deploying HIDS, NIDS and various related security tool sets
  • Responsible for deploying and managing a network and security operations command center to include operation of firewalls, Intrusion Detection Systems, and 24x7 monitoring of these networks
  • Reviews legislative documents for regulatory changes, customer requests, requirements and proposals for system development and/or changes, computes and estimates resources needed to prepare and manage Service Level Agreements (SLA)
  • Serves as an expert and consultant to higher management officials and executive level management within and outside the organization to provide advice on integrating information security technology programs and functions to meet the needs of the Cloud
  • Demonstrated experience and subject matter knowledge in cyber and information security for applications, web architectures, operating systems, databases, and networks (not all required)
  • Solid understanding and experience with security development lifecycle (SDL) processes for internally developed applications, including the web-based and Internet facing components.
  • Solid capability to assess application and web architectures and operating systems for vulnerabilities and develop appropriate security countermeasures.
  • Experience in assessing, configuring, and testing security applications and systems, such as Cisco Sourcefire firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec, and web services security.
  • Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
  • Demonstrated leadership ability.
  • Excellent communication skills and the proven ability to work effectively with all levels of IT and business management.
  • Conduct research, cost-benefit and return-on-investment analysis on proposed hardware, software and systems to justify recommendations, support purchasing efforts and in making infrastructure design and architecture decisions.
  • Investigation of failures to find the root cause and drive resolution.
  • Maintains proper documentation of all activities.
  • Promotes teamwork which includes but not limited to, encouraging others participation in problem resolution and project oriented tasks.
  • Responsible for Security-related and maintainability audit of all new environments or environmental updates
  • Ensures lower-level engineers receive appropriate direction and training
  • Skill in preparing and making written and oral presentations of complex technical and program management information to all levels involved


  • BA/BS in Computer Science, Information Technology, Business, or any other field or equivalent experience in Information Security, Information Technology, or related technical discipline
  • Strong organizational skills and prior experience in a similar role as Engineer, Lead or Architect
  • Proficient level UNIX computer skills; Basic Scripting: Perl, Python, Shell
  • Infrastructure and Orchestration/Automation Experience preferred: Tripwire, IDS and IPS sensor tuning
  • Must possess at least two professional industry certifications in area of expertise.
    • These could be CISSP
    • AWS Certificate
    • Cloud Security Certification
    • Vendor certification (CCNA, etc)
  • Mastery of Encryption Mechanisms/Techniques and state-of-art applications; Security Controls; Network Intrusion Detection; Configuration Management; Firewall Management; System Security Configurations; Patch management; and Network Infrastructure Security
  • Ability to meet stringent deadlines; handle multiple tasks


To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: (see below) or (see below), APJ: (see below), EMEA: C (see below) ). Requests for reasonable accommodation will be considered on a case-by-case basis.

EOE AA M/F/Vet/Disability:

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.

Additional Locations:

Herndon VA, United States of America
1/13/2018 11:31:12 PM

We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.