About the job CI/CD Engineer (Security / Quality Tools)
Experience
3+ Yrs
Base Location
Germany | DE
Work Location
Walldorf/Remote
Grade (applicable to internal Candidates)
B
Are we open to considering candidates from other locations?
Checking with Client
Is it a remote working? Yes
Do you have any specific location preferences or constraints?
Checking with Client
Request Title
CI/CD Engineer (Security / Quality Tools)
Start Date
02-10-2025
End Date
31-12-2026
Hours for Estimated Spend
1
Description
Organizational purpose and objectives
At the global unit Customer and Partner in the Corporate Processes and Information Technology (CPIT) organization part of the Strategy & Operations board area, we strive to provide a seamless and superior experience across all SAPs customer-facing IT solutions. Examples of these include SAP.com, the SAP ONE Support Launchpad, the Cloud Availability Centre as well as most recently the SAP for Me project.
Project
The goal of the SAP for Me project is to provide a central platform to enable an easy and intelligently guided digital companion for the interaction between our customers and SAP. The scope of SAP for Me spans across various areas of customer interests including the communication from SAP to customers (e.g. provisioning or outage notifications), increased insight for our customers into their software portfolio across all Lobs (e.g. availability, contracts, licenses), customer-specific knowledge provisioning as well as what we call opportunities (i.e. recommendations for innovative products, suggested trials, relevant learnings).
Positions Requested
1
Experience level
Application Consulting - E3 - Project Manager (SAP Experience 3+ years)
Scope of Services / Deliverables
CI/CD Engineer (Security / Quality Tools)
We are looking for a CI/CD Engineer to set up Open-Source Security (OSS) Scanning as well as Testing for Functional Correctness with SonarQube.
Make a proposal for an OSS security scanning tool that meets company requirements for security and compliance as well as boundary conditions of SAP for Me
Create and maintain needed CI/CD pipelines for chosen OSS Tool and SonarQube
Set-up chosen OSS Tool in a way that only application relevant findings are reported for the respective repositories (in contrast to platform related findings); integrate Quality Gates for Pipeline Blocking
Configure SonarQube so that it is running in Frontend and Backend and enforcing Quality Gates by blocking builds that do not meet specified criteria
Ensure that both OSS Tool and SonarQube are functioning correctly and troubleshoot any issues that may arise in the Enablement phase.
Ensure Knowledge Transfer and provide documentation for maintenance purposes
Support the teams with the Tools onboarding (both from a technical and how it works perspective)
Skills
Strong background in integrating security & quality tools
Experience with setting up Security Testing Tools (especially OSS Tools)
Experience with the integration of code coverage analytical tools (especially SonarQube)
Experience with Black Duck and other common OSS Tools such as Mend etc.
Experience with Black Duck Binary Analysis
Experience with GitHub Actions, Tekton
Experience with containerization technologies such as Docker
Experience with Kubernetes
Ideally Experience with Software bill of materials (SBOM) files
Familiarity with best practices related to automated testing
Strong problem-solving and troubleshooting skills
Very good communication skills in the interaction with colleagues from other units (clarification of technical prerequisites, evaluation of technical options)
Work delivery location (Country)
Germany | DE
Work delivery location (City)
Walldorf/Remote