Lead DevSecOps Engineer

Who we are?

msg global solutions is a systems integrator, software development partner, and managed services provider focused on SAP solutions for multiple industries. Our services include strategies for accounting, finance, regulatory reporting, performance management, sustainability, customer experience, and IoT. Operating from offices across the globe and growing, we help clients achieve operational efficiency and improve decision-making capabilities. With deep industry knowledge, technical expertise, and a diverse range of perspectives, our people spark change and create innovative solutions to complex operational issues. Our goal is to create long-lasting client relationships built on trust and dependability.

msg global solutions is part of msg, an independent, international group of companies with more than 10,000 employees around the world.

What we do?

msg global works as a host & service provider for all msg global companies outside Germany/Austria/Switzerland and CEE/CIS. msg group can use our global infrastructure to offer their services globally without negative financial impacts for us.

What will you do?

This is a hands-on technical role requiring senior/expert level skills in Security on Cloud

• Define and implement security for our cloud applications on SAP BTP
• Be responsible for all security relevant aspects of our cloud applications - test tools, runtime and operations
• Discuss cloud application security with our management and with SAP
• Automate static security testing
• Secure web and cloud applications based on SSL/TLS, mTLS, OIDC, SAML2 and OAuth2
• Perform coding work
• Implement security review processes

What experiences you should have?

• At least two years of experience in implementing security for SaaS and PaaS
• 7+ years of experience in handling DevOps work driven mainly in the cloud (Google, AWS, Azure) environment
• Should have excellent understanding of Devops principles
• Familiarity with the majority of the following
  • Bitbucket pipelines, Jenkins or comparable tools
  • SSL/TLS, DNS, mTLS, ssh, TCP/IP
  • OAuth2, OIDC, SAML2, Azure AD, Keycloak, Vault
  • Checkmarx, Fortify, Findbugs, Whitesoure/Mend, Blackduck, Snyk, CVEs
  • Docker Security, K8S
  • SAP BTP
  • OWASP
  • GDPR and SOC Compliance
• Understanding of Node.js applications
• Strong hands-on attitude and try-harder mindset

What do we offer?

• A challenging and multi-cultural working environment in experienced teams with open access to a mentor for ongoing interaction and support
• Boost the development of your career in both technical and functional directions by comprehensive advanced education and certificates
• An attractive and competitive salary package, employee benefits and flexible working hours
• International exposure, internal and external training, and certifications to help you to further develop your talents
• Access to innovative and emerging technologies
• A team in which the core values are collaboration, thought leadership and entrepreneurship