Security Consultant-Application Security

Introduction

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology

Your Role And Responsibilities

This role blends deep SAP ABAP technical skills with hands-on experience in identifying, mitigating, and preventing application-layer security vulnerabilities within SAP systems. You will work closely with SAP developers, security architects, and business stakeholders to ensure secure design, development, and deployment of SAP custom code and configurations across modules (ECC, S / 4HANA, etc.)

Preferred Education

Master's Degree

Required Technical And Professional Expertise

• SAP ABAP Development & Code Security, Design, develop, and maintain custom SAP ABAP objects (Reports, SmartForms, BAPIs, BADIs, User Exits, Enhancements) in a secure and efficient manner.
• Apply secure coding practices to mitigate common ABAP vulnerabilities such as code injection, SQL injection, unauthorized access, RFC misuse, and insecure authorization checks.
• Perform peer code reviews and enforce secure development guidelines within the SAP development team. Application Security & Risk Management
• Conduct security assessments of ABAP code using tools like SAP Code Vulnerability Analyzer (CVA), Virtual Forge / Onapsis, and manual review techniques. Collaborate with SAP Security and Basis teams to identify and remediate application-level risks. Support threat modeling and risk analysis activities for SAP custom applications and interfaces.
• Monitor and manage security notes (SAP OSS), patches, and vulnerability disclosures relevant to SAP applications and ABAP components

Preferred Technical And Professional Experience

Skills Required

Ecc, SAP ABAP Development