Spinnaker Support provides global enterprise software support, managed services, and project-based consulting to many of the world’s most recognized and respected brands. Founded in 2008, our customer focus, business integrity, exacting standards, and depth of expertise have earned us the trust and loyalty of over 1,300 organizations located in 104 countries. Our dedicated international team works closely with every customer to ensure they receive exceptional, customized services that clear the way for their operational success. Today, Spinnaker Support is proud to be the industry’s highest-rated provider for third-party software support services for Oracle, SAP and JD Edwards.

We have an immediate need for a Security Services Architect based in the United States. This position can be based out of your home office. The Security Services Architect will be responsible for developing and maintaining the operations of security products and offering within Spinnaker Support. This role will serve to define and deliver Spinnaker Support’s approach to security within the 3^rd party support and managed service markets.

This position requires a deep knowledge of the SAP architecture and experience in applying defense in depth strategies to SAP systems.   This position will be responsible for providing guidance to clients on attack surface reduction strategies in relationship to the SAP system landscape.  This will include identifying, documenting, and guiding clients in security best practices related to the applications, network and infrastructure of SAP systems. This position requires a person with multiple years of hands-on technical expertise in hardening the SAP environment.  The applicant should have an in-depth knowledge and understanding of SAP Subnets and network DMZ.  It would be beneficial to have experience or at least familiarity with Network monitoring tools.

Required Competencies:

• 5+ years of implementation and security hardening of SAP environments
• 10+ years of Basis administration
• 10+ years of SAP NetWeaver administration
• 3+ years of Unix Shell scripting
• Strong service-oriented customer engagement and pre-sale support skills
• Excellent communication skills and issue/project management skills
• Deep knowledge of the security architecture across multiple deployment platforms (network, firewall, computer, storage, database and application)
• Experience in reducing attack surface of SAP implementations
• A detailed understanding of common network topologies and their application to security mitigation.
• Strong field-level/consultative experience with ability to staff teams to meet customer support and service requirements
• Strong analytical skills with ability to understand and document details for complex solutions
• Experience in performing NetWeaver AS system security operations.
• Fundamental knowledge of protecting SAP infrastructure at SAP/OS and DB level.
• Understanding of different SAP products at architectural level
• Understanding of SAP Security Note Monitoring/Telemetry and Proficiency with SAP Vulnerability Management
• Working knowledge of SAP users, roles and authorizations

Preferred

• SAP Netweaver Application Server Security Certification
• Management and implementation of RFC Gateway and SNC
• Substantive knowledge of SSO, SNC and SSL
• Security certified (GIAVC, CISSP, SSCP, CCFP) is a plus
• 1+ year of Application Security Testing
• 2+ years of Python programming
• Experience in addressing SAP vulnerabilities beyond leveraging SAP Notes.