Expert DevSecOps Engineer - Propel
Location: Oakland, California
Requisition ID # 164813-en_US
Our IT professionals are at the enterprise's core, leveraging modern technology to deliver safe and reliable energy to our customers. We use AI, the cloud, data science, and the latest tools and programming languages to solve hard, interesting problems and tackle challenges like the ever-growing threat of climate change, wildfires, and breaches of cyber security. Join us and experience the satisfaction of being a technology enabler for a company that leads the industry in innovation.
Success Profile
What makes a successful Team Member at PG&E? Check out the top traits we’re looking for and see if you have the right mix.
- Adaptable
- Collaborative
- Creative
- Curious
- Results-driven
- Thoughtful
Benefits
PG&E is proud to provide a comprehensive benefits program to help you take care of your physical, emotional and financial health. In addition to the offerings below, you can expect inclusive programs in areas such as performance recognition, training and employee development, mentoring and more.
-
Paid Time Off
Vacation, Sick Hours, Holidays, Family Leave
-
Employee Resource Groups
16 ERGs at the core of our DEIB culture that support employee development and foster business relationships
-
Professional Development
Leadership and Employee Development Courses, LinkedIn Learning, Mentoring Program and up to $8,000 for Tuition Reimbursement
-
Healthcare
Low-Cost Medical, Dental, Life/Accident/Disability Insurance and Free Vision
-
Healthcare & Dependent Care FSA
Pre-tax employee-funded accounts that cover certain out-of-pocket medical and dependent care expenses
-
Retirement Plans
401(k) Matching up to 8% AND Cash Balance Pension (no cost to you)
Job Details
Requisition ID # 164813
Job Category: Information Technology
Job Level: Individual Contributor
Business Unit: Information Technology
Work Type: Hybrid
Job Location: Oakland
Department Overview
Information Systems Technology Services is a unified organization comprised of various departments which collaborate effectively in order to deliver high quality technology solutions.
Position Summary
We are seeking an experienced and proactive DevSecOps SAP Engineer to join our Cybersecurity Application Platform Security Team. This role combines expertise in SAP security with a strong foundation in DevSecOps practices to ensure the ‘secure by design’, ‘secure by default’ principles throughout development, deployment, and operation of SAP systems. The ideal candidate will have hands-on experience with Cybersecurity platforms, with a deep understanding of SAP. This position plays a critical role in assisting large IT transformation initiative – Propel, to move SAP platform to cloud; operate securely. maintaining compliance, enhancing security postures, and supporting our SAP ecosystem.
The ideal candidate will be passionate about security, have a proactive mindset, and be able to balance security requirements with business needs. They should be comfortable working in a fast-paced environment and be able to adapt to evolving security threats and technologies
This position is hybrid, working from your remote office and your assigned work location based on business need. The assigned work location will be within the PG&E Service Territory.
PG&E is providing the salary range that the company in good faith believes it might pay for this position at the time of the job posting. This compensation range is specific to the locality of the job. The actual salary paid to an individual will be based on multiple factors, including, but not limited to, specific skills, education, licenses or certifications, experience, market value, geographic location, and internal equity. Although we estimate the successful candidate hired into this role will be placed between the entry point and the middle of the range, the decision will be made on a case-by-case basis related to these factors.
This job is also eligible to participate in PG&E’s discretionary incentive compensation programs.
A reasonable salary range is:
Bay Area Minimum: $132,000.00
Bay Area Maximum: $226,000.00
Job Responsibilities
- Work with SAP RISE integration partners to bake-in security controls part of design, implementation, across SAP platforms, including SAP S/4HANA, BusinessObjects (BOBJ), Business Warehouse (BW), Governance, Risk, and Compliance (GRC), and NetWeaver Gateway.
- Integrate security best practices into CI/CD pipelines to ensure secure code deployment and infrastructure-as-code for SAP environments.
- Collaborate with development, operations, and peer cybersecurity teams to enforce the shared responsibility model for cloud and on-premises SAP deployments.
- Ensure compliance with SOX regulations and other industry standards (NERC CIP where applicable) by implementing and monitoring SAP security policies and procedures.
- Ensure IAM specific controls like user access management, role design, and segregation of duties (SoD) analysis are implemented according to PG&E standards and best practices.
- Implement and support Single Sign-On (SSO) solutions for SAP systems to enhance authentication security.
- Conduct security assessments, vulnerability scans, and penetration testing on SAP applications and infrastructure.
- Be an integral part of SAP team and provide expertise in securing SAP RISE deployments, leveraging cloud-native security tools and practices (experience with SAP RISE is a plus).
- Develop and maintain documentation for security processes, security architecture patterns relevant to the emerging SAP environments.
- Stay updated on emerging threats, vulnerabilities, and security trends related to SAP and DevSecOps practices.
- Promote cybersecurity awareness among developers and stakeholders.
Qualifications
Minimum:
- Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
- 8 years of experience in IT security, with at least 3 years focused on SAP security engineering.
Desired:
- Proven expertise in SAP platforms, including SAP HANA, BOBJ, BW, GRC, and NetWeaver Gateway.
- Strong understanding of DevSecOps principles, including CI/CD pipeline security and automation tools (e.g., Jenkins, Git, Ansible, or similar).
- Familiarity with the shared responsibility model in cloud environments (AWS, Azure, GCP) and hybrid SAP deployments.
- Familiarity with SAP Cloud ALM (Application Lifecycle Management), clean core a plus.
- Experience with SOX compliance and auditing processes in SAP environments.
- Hands-on knowledge of SAP security modules, role administration, and SSO implementation (e.g., SAML, OAuth, Kerberos).
- Experience with SAP RISE or other SAP cloud transformation initiatives is highly desirable.
- Relevant certifications such as SAP Certified Technology Associate – Security, CISSP, CISM, or DevSecOps-specific credentials are a plus.
- Strong analytical and problem-solving skills with excellent communication and teamwork abilities.
Soft Skills
- Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
- Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.
#featuredjob

Jonathan A. Solutions Architect, ExpertPG&E combines an established company’s stability with the autonomy of a startup. I enjoy high levels of trust and openness among my coworkers in a dynamic environment where I’m included in important decision-making discussions. As our company evolves, I look forward to career growth opportunities ahead.
Products & Enterprise Platforms
-
Patti Poppe Becomes the First PG&E CEO to Sign the Disability: IN CEO
In signing the CEO Letter on Disability Inclusion, Poppe commits to benchmark the company’s inclusion efforts and encourages other leaders to join IN.
Learn More -
Life at PG&E
Life at PG&E
Learn More
Related Jobs
- Principal Enterprise Architect Oakland, California
- Principal IT Regulatory Analyst Oakland, California
- Expert IT Ariba Functional Analyst Oakland, California