Information TechnologyExpected Travel:
0 - 10%Career Status:
Regular Full TimeCOMPANY DESCRIPTION
SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That's why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because it's the best-run businesses that make the world run better and improve people's lives.
Senior Security Engineer - Cyber Fusion CenterSUMMARY
An SAP Security Engineer acts as a front-line defender of SAP's digital enterprise. Our Security Engineers are responsible for evaluating, selecting, architecting, implementing, and operating key security tools to support security monitoring, incident response, cyber threat intelligence, and vulnerability management operations. Additionally, our Security Engineers provide key support in implementing and tuning detection signatures and integrating response actions as needed. THE ROLE
- Perform as the subject matter expert (SME) for one or more key tools crucial to security operations-e.g., SIEM, Endpoint Detection & Response (EDR), Network Packet Capture, Netflow, Threat Intelligence Platform (TIP), and/or Security Operations and Automated Response (SOAR)
- Architect, deploy, integrate, and support security operations tools (SIEM, IDS/IPS and AV) at all levels of the cloud infrastructure stack
- Develop, implement, and execute standard procedures for the administration, change management, version/patch management, and lifecycle management of critical security infrastructure
- Develop and implement correlation rules and threat monitoring use cases
- Troubleshoot and resolve issues with the threat monitoring toolsets
- Security support of key elements of an AWS Cloud Environment
- Create signatures and tools to analyze and detect malicious activity
- Build automation for response and remediation of malicious activity
- Architect and implement disaster recovery operations and data backups as required
- Experience with Python, C/C++, Java, Power Shell or other scripting language
- Ability to possess and maintain a U.S. Government/DoD Clearance
- Advanced degree in Computer Science, Software Engineering, Cyber Security, or related experience or field of study
- Security certification (e.g. Security+, GIAC, CISSP)
- Ensures communication and escalation of security activities to leadership, assists in building and configuration of new security tools and systems
- Strong quantitative and analytical skills, proven ability to track and successfully complete complex programs
- Experience and Strong Knowledge of Windows and Unix/Linux server Administration
- Comprehensive knowledge APT actors; their tools, techniques, and procedures
- Knowledge of Mitre Att&ck and Cyber Kill Chain methods and frameworks
- Knowledge of application vulnerability testing tools and techniques and Application listing solutions.
- 3-5 years' experience in supporting one or more of the following technologies: SIEM, Endpoint Detection & Response (EDR), Network Packet Capture, Netflow, Threat Intelligence Platform (TIP), and/or Security Operations and Automated Response (SOAR)
- Experience in Network architecture and design
- Prefer 1-3 years working in a cloud environment supporting key elements of the AWS Environment to include:
- AWS Networking & Connectivity
- AWS Security & Identity Management
- Security Groups
- Network Access Control Lists
- Custom Groups, Roles, Policy.
- AWS KMS (Key Management Service)
- AWS IAM (Identity Access Management)
- AWS MFA (Multi Factor Authentication)
- AWS S3 bucket policy, cross account access
- AWS Environment Monitoring
- AWS CloudTrail
- AWS Kinesis Firehose
- 1-3 years' experience working in a 24/7 operational environment (Cyber Intelligence Fusion Center, SOC, NOC, Operations Center)
#SAPSecurityCareersSGSWHAT YOU GET FROM US
Success is what you make it. At SAP, we help you make it your own.
A career at SAP can open many doors for you. If you're searching for a company that's dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment - apply now.SAP'S DIVERSITY COMMITMENT
To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.
SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team. (Americas:
, EMEA: C
). Requests for reasonable accommodation will be considered on a case-by-case basis. Successful candidates might be required to undergo a background verification with an external vendor.EOE AA M/F/Vet/Disability:
Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.
Successful candidates might be required to undergo a background verification with an external vendor.Additional Locations: