Short DescriptionSAP is seeking a Java Full Stack Developer who has Strong understanding of application security and industry standards and best practices (OWASP / SANS / NIST).
- Developer should be able to work as a Full-stack developer with application security experience
- Experience in application and infrastructure security, especially in cloud environments.
- Strong understanding of application security and industry standards and best practices (OWASP / SANS / NIST)
- Strong understanding of SDLC and Secure Development Lifecycle (SDL) including performing threat modeling and risk assessments
- Collaborate well ‚?? demonstrate excellent development practices, share, and motivate others.
- Exposure to Static/Dynamic Application Security Testing
- Continuously conduct security assessments on our internal assets and existing and future products.
- Build and deploy security automation and tooling to verify and further increase our security posture.
- Manage our vulnerability management program and work with the relevant teams to prioritize remediation efforts.
- Security certifications preferred but not required (OSCP, OSWE, GWAPT, etc)
- Cryptography and cryptographic libraries.
- Experience designing and implementing API Security and Access Controls (OAuth/SAML, Web SSO, AWS IAM, Federation)
- Strong technical skills with technologies like Java/J2EE, Hibernate, Spring, SAP HANA, UI Technologies(, JS, HTML, CSS and Ajax) and OData protocols to develop modem cutting edge software that performs and scales in cloud environment
- Knowledge of lean development infrastructure process including Git, TeamCity,Jenkins etc.. and exposure to Continuous Delivery practices
- Requires 4+ years of professional experience in developing Secure enterprise web-based application,
- Outstanding written and verbal communication skills.
- Bachelor‚??s in Computer Science required, Master preferred.
Java Full Stack Developer