you bring your best to us, and well bring out the best in you.
Were builders touching over 20 industries and 80 of global commerce, and we need your unique talents to help shape whats next.
The work is challenging :
but it matters.
Youll find a place where you can be yourself, prioritize your wellbeing, and truly belong.
Whats in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.
What you'll build:
rn software systems increasingly rely on third:
party and open:
source components, expanding the softwaresupplychain and its exposure to security risks.
The Software Bill of Materials (SBOM), promoted by governments and industry standards such as NTIA and ISO, is becoming a key tool for enhancing transparency and security; however, its effectiveness depends on the quality of the underlying vulnerability data.
In this role, the candidate will investigate the current state of SBOM:
based detection for both vulnerabilities and malicious packages to devise improvements.
In particular, the candidate will:
Analyze open and commercial databases (e.g., OSV.dev) to assess data quality, coverage, and consistency.
Explore automated approaches to identify and correct misclassified or inaccurate alerts caused by poor data rather than actual risk.
Develop a prototype implementation of the proposed improvements.
Perform an empirical evaluation of the effectiveness of the approach.
The work will directly improve the accuracy and reliability of softwaresupplychainsecurity intelligence, helping developers and security teams focus on the issues that truly matter.
This is a research:
focused internship requiring critical thinking and adaptability:
the scope and methods may be adjusted as insights emerge to develop practical, evidence:
based improvements.
What you bring:
You are curious, analytical, and motivated to explore complex problems in softwaresupplychainsecurity.
Technical skills:
:
Programming experience, preferably in Python
:
Familiarity with GitHub and version control management
:
Experience working with APIs and JSON data
:
Proactive problem:
solving mindset
:
Ability to work independently
:
Domain knowledge is a plus (e.g., OSS vulnerability databases and scanners)
Soft skills:
:
Attentive and receptive to guidance
:
Able to communicate ideas and findings clearly
Bring out your best
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively.
Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end:
to:
end business application software and related services for database, analytics, intelligent technologies, and experience management.
As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose:
driven and future:
focused, with a highly collaborative team ethic and commitment to personal development.
Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves.
At SAP, you can bring out your best.
We win with inclusion
SAP's culture of inclusion, focus on health and well:
being, and flexible working models help ensure that everyone :
regardless of background :
feels included and can run at their best.
At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential.
We ultimately believe in unleashing all talent and creating a better world.
SAP is committed to the values of Equal Employment Opportunity and provides accessibility accommodations to applicants with physical and/or mental disa mouginscedex Information Technology, Purchasing & SupplyChain CDI Competitive
