Application Security Developer

Requisition ID
Visa Sponsorship
Travel Requirements


Germany SAS


SAS believes in the whole employee experience. Meaningful work. Empowerment to make a difference that changes people’s lives. Dynamic work environments that foster innovation. And an award-winning culture that makes it all possible. We believe great ideas can come from anywhere. Whether you're a university recruit, or an experienced professional ready for the next big challenge, SAS brings perks, passion, and the potential to grow. No limits.


We help organizations turn large amounts of data into knowledge they can use, and we do it better than anyone. It’s no wonder an overwhelming majority of our customers continue to use SAS every year. It’s because we hire the best people to create great software and services.


As a member of the SAS Solutions OnDemand (SSOD) Application Administration Team, you will be responsible for developing and executing security controls, defenses and countermeasures to prevent attacks and reduce the risk of customer data loss as it relates to the SAS Application stack and associated third-party application software. We are looking for a technically strong individual who is passionate about information security and enjoys design and architecture as well as hands-on implementation of all aspects of security. SSOD is a division within SAS that is responsible for hosting SAS solutions under several business models including Enterprise Hosting, Software as a Service and Remote Managed Software and Services. We provide Cloud Managed Services for hundreds of SAS Customers, managing some of the most sensitive data and systems in the industry.


Primary Responsibilities :
• This position has a special focus on securing the SAS technology stack.
• Engineer security of the SAS technology stack within hosted systems including Cloud and Enterprise Hosting.
• Evaluate security status of hosted systems and recommend technical remediation.
• Ensure application security architectures and standard operating procedures are documented.
• Partner with SAS IT Information Security and SAS R&D Security Team to represent the interests and requirements of SAS Solutions OnDemand.
• Participate in risk assessments, customer audits and other activities as appropriate in coordination with SAS IT and SAS Solutions OnDemand Compliance teams.
• Implementation and oversight of SAS Application technologies needed to meet and enforce security policies as defined by SAS Information Security, SAS Solutions OnDemand Compliance, regulatory standards and industry best practices.
• Researches attempted or successful efforts to compromise SAS Application security, determines causes of security violations, and implements countermeasures.
• Works with SSOD and SAS IT Compliance organizations to conduct security risk assessments on SAS Application systems and makes recommendations to management to improve security and avoid negative impact on the business caused by theft, destruction, alteration, or denial of access to information and systems.
• Maintains SAS Application software and encryption protocols.
• Researches latest security best practices, staying abreast of new threats and vulnerabilities and helps disseminate this information to appropriate groups within the organization.
• Coordinates and executes security projects with SAS IT and SAS R&D for SSOD.


Essential Requirements:

• Strong systems administration skills primarily in Unix/Linux and including Windows.
• Experience with application security with a focus on web applications and service-oriented architectures.
• Experience with systems security tools, hardening and industry standard practices.
• Strong understanding of networking, including routers, switches, TCP/IP, public/private networks, IPSec, and VPN. •
• Knowledge of web-application security and scripting languages (Python, PERL, PHP, and/or Shell).
• Knowledge of database software and security.
• Knowledge of industry standards such as NIST, FISMA, SOC, HIPPA, ISO 27001, etc.


Additional Skills and Knowledge:

• Strong problem solving skills.
• Ability to interface with customers and communicate complex ideas and technologies effectively.
• Ability to work independently and as part of a team
• Knowledge of risk management standards and procedures



• Experience building secure cloud-based infrastructures using Amazon Web Services or equivalent.
• Experience architecting and implementing network security.
• IT Security Certifications such as; CISSP, SSCP, CASP, GIAC, CISM, OSCP
• Experience with SAS applications and technology.



SAS looks not only for the right skills, but also for a cultural fit. We seek colleagues who will contribute to the unique culture that makes SAS such a great place to work. We look for the total candidate: technical skills, culture fit, relationship skills, problem solvers, good communicators and, of course, innovators. Candidates must be ready to make an impact.


Additional Information:

To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status.

SAS is an equal opportunity employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

The level of this position will be determined based on the applicant's education, skills and experience.

Resumes may be considered in the order they are received.

SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.


Want to stay up to date with SAS culture, products and jobs? Follow us on LinkedIn LinkedIn Logo


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share with your networks