Security Incident Response Analyst

Job Description

We help the world run better
At SAP, we keep it simple: you bring your best to us, and we'll bring out the best in you. We're builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what's next. The work is challenging – but it matters. You'll find a place where you can be yourself, prioritize your wellbeing, and truly belong. What's in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.

Job Description

The Security Incident Response Analyst role will be dedicated to the real time analysis and escalation coordination of detected cyber threat events and intelligence, supporting operational efforts around the Security Detection and remediation to various system owners and other stakeholders and ensuring real time capability enhancement to respond to evolving threats.

The Security Incident Response Analyst role will be responsible for providing timely situational analysis of Security Alerts, escalation and tracking of potential attacks for remediation to system owners and provide information for potential impact to the environments’ security posture, and the development of actionable remediation steps where relevant.

Your Role and Responsibilities

The Security Incident Response Analyst role will work as an integrated part of the Security Incident Response Team, working in a follow the sun model with members across the globe. Candidates in this role will review and analyze identified security event alerts, information and security intelligence relevant to threats facing the systems, infrastructure, and resources critical to our clients.

They will use this information to determine validity, severity, provide remediation recommendations and communicate this security event analysis to the system owners for remediation on a real time basis as well as tracking and reporting of these activities. Candidates should be experienced in analyzing cyber-attack attempts threats and security intelligence analysis, event tracking and escalation management and reporting.

The ideal candidate would be expected to stay current with the latest security related news, attack techniques, understand current vulnerabilities, and their respective countermeasures.

Core Security Incident Response Skills:

• Strong verbal, written communication skills with high level of detail accuracy
• Strong security background performing review and analysis of cyber-attacks and developing remediation recommendations.
• Creative problem-solving skills and can apply knowledge to new and never before encountered scenarios, often working under pressure situations.
• Takes an active part in the gathering, analysis, and communication of Attack alerts identified by monitoring teams
• Present actionable analysis and recommendations of identified cyber alerts to system owners and leadership across business lines as necessary
• Develop and modify documentation detailing new and improved run-books for the processes of threat analysis capability and eventual cataloging of the indicators of attack by assessed impact to the environment
• Ability to work easily with diverse and dynamic teams
• Understanding of Application Architectures and application attack methodologies

Security Operations Domain Skills:

• Depth of knowledge in two or more of the core Security Operations and Incident Response domains such as Security Triage, Cyber Threat Hunting, Security operations management, incident investigation and response process and procedures.
• Depth of knowledge in contemporary and legacy security technologies used within the Security Operations domain (such as SIEM technologies, ticketing and workflow orchestration, Threat-Intelligence Platforms, active defense, UseCase construction, Cloud based operations, etc)
• Knowledge in and current knowledge of security threat intelligence and recent attack vectors including network, application and social methods.
• Knowledge in and an understanding or proficiency in information security and compliance regulations, frameworks and leading practices

Required Professional and Technical Expertise

These are the MUST-HAVES

• At least 2 years experience in the field of security analysis, intelligence, engineering, architecture, operations and/or assurance functions;
• A degree from a recognized university in the sciences, engineering, information security, or related studies
• Demonstrable experience in the area of time critical Cyber attack event analysis, threat intelligence application, vulnerability analysis and event escalation.
• Demonstrable experience using monitoring tools to identify cyber security events or alerts of potential/active threats, intrusions, and/or compromises.
• Candidates must be willing to work in an on-call situation and function independently at times.

Preferred Profession and Technical Requirements

These are NICE TO HAVES

• Technical experience working with enterprise security technologies like SIEM, antivirus/malware, IDS, WAF, DDoS mitigation platforms.
• Specific operational knowledge of Splunk, Service Now platforms
• Experience utilizing Threat Intelligence Analysis
• Understanding of back-channels typically used by actors for malicious activity (IRC, Dark Web).
• Experience working on global/multicultural teams across different time zones.

Bring out your best
SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.

We win with inclusion
SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better world.

SAP is committed to the values of Equal Employment Opportunity and provides accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com.

For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.

Compensation Range Transparency: SAP believes the value of pay transparency contributes towards an honest and supportive culture and is a significant step toward demonstrating SAP’s commitment to pay equity. SAP provides the annualized compensation range inclusive of base salary and variable incentive target for the career level applicable to the posted role. The targeted combined range for this position is 90000 - 153000(USD) USD. The actual amount to be offered to the successful candidate will be within that range, dependent upon the key aspects of each case which may include education, skills, experience, scope of the role, location, etc. as determined through the selection process. Any SAP variable incentive includes a targeted dollar amount and any actual payout amount is dependent on company and personal performance. Please reference this link for a summary of SAP benefits and eligibility requirements: SAP North America Benefits.

AI Usage in the Recruitment Process

For information on the responsible use of AI in our recruitment process, please refer to our Guidelines for Ethical Usage of AI in the Recruiting Process.

Please note that any violation of these guidelines may result in disqualification from the hiring process.

Requisition ID: 448298 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time | Additional Locations: #LI-Hybrid