CI/CD Engineer (Security / Quality Tools)

Experience

3+ Yrs

Base Location

Germany | DE

Work Location

Grade (applicable to internal Candidates)

B

Are we open to considering candidates from other locations?

Checking with Client

Is it a remote working? Yes

Do you have any specific location preferences or constraints?

Checking with Client

Request Title

CI/CD Engineer (Security / Quality Tools)

Start Date

02-10-2025

End Date

31-12-2026

Hours for Estimated Spend

1

Description

Organizational purpose and objectives
At the global unit Customer and Partner in the Corporate Processes and Information Technology (CPIT) organization part of the Strategy & Operations board area, we strive to provide a seamless and superior experience across all SAPs customer-facing IT solutions. Examples of these include SAP.com, the SAP ONE Support Launchpad, the Cloud Availability Centre as well as most recently the SAP for Me project.
Project
The goal of the SAP for Me project is to provide a central platform to enable an easy and intelligently guided digital companion for the interaction between our customers and SAP. The scope of SAP for Me spans across various areas of customer interests including the communication from SAP to customers (e.g. provisioning or outage notifications), increased insight for our customers into their software portfolio across all Lobs (e.g. availability, contracts, licenses), customer-specific knowledge provisioning as well as what we call opportunities (i.e. recommendations for innovative products, suggested trials, relevant learnings).

Positions Requested

1

Application Consulting - E3 - Project Manager (SAP Experience 3+ years)

We are looking for a CI/CD Engineer to set up Open-Source Security (OSS) Scanning as well as Testing for Functional Correctness with SonarQube.

• Make a proposal for an OSS security scanning tool that meets company requirements for security and compliance as well as boundary conditions of SAP for Me
• Create and maintain needed CI/CD pipelines for chosen OSS Tool and SonarQube
• Set-up chosen OSS Tool in a way that only application relevant findings are reported for the respective repositories (in contrast to platform related findings); integrate Quality Gates for Pipeline Blocking
• Configure SonarQube so that it is running in Frontend and Backend and enforcing Quality Gates by blocking builds that do not meet specified criteria
• Ensure that both OSS Tool and SonarQube are functioning correctly and troubleshoot any issues that may arise in the Enablement phase
• Ensure Knowledge Transfer and provide documentation for maintenance purposes
• Support the teams with the Tools onboarding (both from a technical and how it works perspective)

• Strong background in integrating security & quality tools
• Experience with setting up Security Testing Tools (especially OSS Tools)
• Experience with the integration of code coverage analytical tools (especially SonarQube)
• Experience with Black Duck and other common OSS Tools such as Mend etc.
• Experience with Black Duck Binary Analysis
• Experience with GitHub Actions, Tekton
• Experience with containerization technologies such as Docker
• Experience with Kubernetes
• Ideally Experience with Software bill of materials (SBOM) files
• Familiarity with best practices related to automated testing
• Strong problem-solving and troubleshooting skills
• Very good communication skills in the interaction with colleagues from other units (clarification of technical prerequisites, evaluation of technical options)