Sr SAP Security Analyst (ABAP)

Join us in pioneering breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

Our inspiring and caring environment forms a global community that celebrates diversity and individuality. We encourage you to step beyond your comfort zone, offering resources and flexibility to foster your professional and personal growth, all while valuing your unique contributions.

We are seeking a Senior SAP Security Professional with strong expertise in secure ABAP programming to ensure the security and integrity of our enterprise SAP systems. In this role, you will work closely with business stakeholders, SAP developers, and architects to enforce secure coding standards, maintain compliance with security policies, and mitigate vulnerabilities across SAP environments. You will play a pivotal role in safeguarding SAP systems by managing security configurations, reviewing ABAP code for security vulnerabilities, and ensuring adherence to ABAP security best practices.

As a Senior Analyst, you will lead and support security initiatives across SAP S/4HANA, GTS, SAP Fiori, SAP BTP, and other core SAP applications. You will be responsible for designing and implementing secure SAP solutions, managing user provisioning, and troubleshooting complex security issues using advanced analytical techniques and Fiori debugging.

SAP Security Design & Development

• Design and implement secure SAP Security solutions across SAP S/4HANA, GTS, SAP Fiori, and SAP BTP.
• Collaborate with SAP developers and architects to enforce secure ABAP coding standards, ensuring that security measures are embedded into the software development lifecycle (SDLC).
• Conduct regular reviews of ABAP code to identify security vulnerabilities and enforce compliance with SAP secure development guidelines.
  
  

ABAP Security & Vulnerability Management

• Collaborate with SAP developers to perform ABAP code reviews, ensuring compliance with SAP security standards.
• Conduct Onapsis scans to identify vulnerabilities in SAP custom developments and work with development teams to remediate identified risks.
• Analyze and mitigate security risks associated with ABAP developments, applying industry-standard security controls and best practices.
• Implement security controls aligned with industry standards such as SOX, GDPR, and NIST.
• Drive the analysis and management of security vulnerabilities and incidents to ensure effective response and remediation.
  
  

Cybersecurity Governance & Compliance

• Specify and maintain IT Security/Cybersecurity configurations, hardening guidelines, and policies to ensure a robust security posture.
• Assure the correct implementation and effective operation of IT Security requirements and regulations across SAP environments.
• Conduct threat and risk analysis, define countermeasures, and support exception management to address identified security gaps.
• Review and validate applications and IT services, including friendly hacking, penetration testing, and security assessments.
• Support release processes of IT services from a security standpoint, ensuring compliance with security requirements at critical milestones.
• Provide technical analysis for current and emerging technologies regarding IT Security/Cybersecurity and contribute to continuous improvement initiatives.
• Support data privacy analysis and ensure the clearance of IT services in line with GDPR and other regulatory frameworks.
  
  

Cross-Functional Collaboration & Stakeholder Engagement

• Partner with SAP developers, architects, and functional teams to ensure that ABAP security best practices are integrated into all development and customization processes.
• Collaborate with auditors and compliance teams to address findings and ensure continuous alignment with regulatory requirements.
• Drive cybersecurity-related communication with stakeholders, ensuring timely security updates, KPI fulfillment, and alignment with security requirements.
  
  

Advanced Problem Solving & Support

• Investigate and resolve complex security issues using advanced analytical and debugging skills.
• Perform root cause analysis of security-related issues and develop long-term solutions to prevent recurrence.
• Continuously improve security processes, identify automation opportunities, and enhance system security and performance.
• Provide guidance to project teams during the development and release of IT services, ensuring that cybersecurity considerations are incorporated at every stage.
  
  

Knowledge Sharing & Continuous Improvement

• Collect lessons learned and contribute to continuous improvement activities, including updating guidelines and integrating feedback into awareness campaigns and employee training.
• Exchange experiences with internal and external cybersecurity communities to stay updated on evolving threats, industry best practices, and new technologies.
• Support and review the specification of security requirements for SAP projects and services to ensure alignment with cybersecurity standards.
  
  

Experience Required : Minimum 7 years of experience required

Who we are: We are a team of more than 73,000 highly dedicated Healthineers in more than 70 countries. As a leader in medical technology, we constantly push the boundaries to create better outcomes and experiences for patients, no matter where they live or what health issues they are facing. Our portfolio is crucial for clinical decision-making and treatment pathways.

How we work: When you join Siemens Healthineers, you become one in a global team of scientists, clinicians, developers, researchers, professionals, and skilled specialists, who believe in each individual’s potential to contribute with diverse ideas. We are from different backgrounds, cultures, religions, political and/or sexual orientations, and work together, to fight the world’s most threatening diseases and enable access to care, united by one purpose: to pioneer breakthroughs in healthcare. For everyone. Everywhere. Sustainably.

To find out more about Healthineers’ specific businesses, please visit our company page here.

As an equal opportunity employer, we welcome applications from individuals with disabilities.

Data Privacy: We care about your data privacy and take compliance with GDPR as well as other data protection legislation seriously. For this reason, we ask you not to send us your CV or resume by email. We ask instead that you create a profile where you can upload your CV. Setting up a profile also lets us know you are interested in career opportunities with us and makes it easy for us to send you an alert when relevant positions become open. Register here to get started.

Beware of Job Scams: Please beware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as Siemens Healthineers recruiters/employees.  These scammers may attempt to collect your confidential personal or financial information.  If you are concerned that an offer of employment with Siemens Healthineers might be a scam or that the recruiter is not legitimate, please verify by searching for the posting on the Siemens Healthineers career site.

To all recruitment agencies: Siemens Healthineers does not accept agency resumes. Please do not forward resumes to our jobs alias, employees, or any other company location. Siemens Healthineers is not responsible for any fees related to unsolicited resumes. As an equal opportunity employer, we welcome applications from individuals with disabilities.