DevSecOps SAP Engineer (GC and USC) Location: Remote (PST Time) Contract Duration: 12+ Months We are seeking an experienced and proactive DevSecOps SAP Engineer to join our Cybersecurity Application Platform Security Team. This role combines expertise in SAP security with a strong foundation in DevSecOps practices to ensure the ‘secure by design’, ‘secure by default’ principles throughout development, deployment, and operation of SAP systems. The ideal candidate will have hands-on experience with Cybersecurity platforms, with a deep understanding of SAP. This position plays a critical role in assisting large IT transformation initiative – Propel, to move SAP platform to cloud; operate securely. maintaining compliance, enhancing security postures, and supporting our SAP ecosystem. Key Responsibilities: • Work with SAP RISE integration partners to bake-in security controls part of design, implementation, across SAP platforms, including SAP S/4HANA, BusinessObjects (BOBJ), Business Warehouse (BW), Governance, Risk, and Compliance (GRC), and NetWeaver Gateway. • Integrate security best practices into CI/CD pipelines to ensure secure code deployment and infrastructure-as-code for SAP environments. • Collaborate with development, operations, and peer cybersecurity teams to enforce the shared responsibility model for cloud and on-premises SAP deployments. • Ensure compliance with SOX regulations and other industry standards (NERC CIP where applicable) by implementing and monitoring SAP security policies and procedures. • Ensure IAM specific controls like user access management, role design, and segregation of duties (SoD) analysis are implemented according to PG&E standards and best practices. • Implement and support Single Sign-On (SSO) solutions for SAP systems to enhance authentication security. • Conduct security assessments, vulnerability scans, and penetration testing on SAP applications and infrastructure. • Be an integral part of SAP team and provide expertise in securing SAP RISE deployments, leveraging cloud-native security tools and practices (experience with SAP RISE is a plus). • Develop and maintain documentation for security processes, security architecture patterns relevant to the emerging SAP environments. • Stay updated on emerging threats, vulnerabilities, and security trends related to SAP and DevSecOps practices. • Promote cybersecurity awareness among developers and stakeholders. Qualifications: • Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience). • 5+ years of experience in IT security, with at least 3 years focused on SAP security engineering. • Proven expertise in SAP platforms, including SAP HANA, BOBJ, BW, GRC, and NetWeaver Gateway. • Strong understanding of DevSecOps principles, including CI/CD pipeline security and automation tools (e.g., Jenkins, Git, Ansible, or similar). • Familiarity with the shared responsibility model in cloud environments (AWS, Azure, GCP) and hybrid SAP deployments. • Familiarity with SAP Cloud ALM (Application Lifecycle Management), clean core a plus. • Experience with SOX compliance and auditing processes in SAP environments. • Hands-on knowledge of SAP security modules, role administration, and SSO implementation (e.g., SAML, OAuth, Kerberos). • Experience with SAP RISE or other SAP cloud transformation initiatives is highly desirable. • Relevant certifications such as SAP Certified Technology Associate – Security, CISSP, CISM, or DevSecOps-specific credentials are a plus. • Strong analytical and problem-solving skills with excellent communication and teamwork abilities. Preferred Technical Skills: • Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks. • Knowledge of container security (Docker, Kubernetes) in SAP environments. • Familiarity with secure software development lifecycle (SDLC) practices. • Understanding of identity and access management (IAM) tools integrated with SAP systems. Soft Skills • Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives. • Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps. The ideal candidate will be passionate about security, have a proactive mindset, and be able to balance security requirements with business needs. They should be comfortable working in a fast-paced environment and be able to adapt to evolving security threats and technologies