Information Technology

Analyst - Security Operations Incident Response

What we offer

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!

 

 


SUMMARY
 

The Global Security Operations team is responsible for triaging security alerts detected by Enterprise Detection and SIEM, analyzing all available data to determine if a cyber-attack is occurring, scoping the extent of a suspected attack, coordinating efforts to contain attacks, performing forensic investigations to determine the details around an attack, and providing guidance on remediation actions.
 
THE ROLE

 

  • As a Security Operations Incident Response Analyst (m/f/d), you will be a crucial front-line defender of SAP Global Security Operations.
  • Performs IR Tier II duties as a part of a 24/7 cyber incident response team  
  • Performs attack scope and root cause analyses   
  • Develops attack remediation strategies
  • Ensures communication and escalation of security activities to leadership 
  • Performs additional analysis of escalations from Event Analysts and conducts case review 
  • Identifies and develops workflow automation to lower response times
  • Develops incident handling processes, standard operating procedures, playbooks, and runbooks

 
ROLE REQUIREMENTS

 

  • Bachelor's in Engineering and equivalent (preferably in Computer Science) with a minimum of 4 years of experience
  • Experience working in a 24/7 operational environment (Cyber Intelligence Fusion Center, SOC, NOC, Operations Center)
  • Has Security certification (e.g. Security+, GCIA, GCIH, CISSP)
  • Experience managing cases with enterprise SIEM or Incident Management systems (Information Security, Information Systems, Engineering or related work experience)
  • Knowledge of APT actors; their tools, techniques, and procedures (TTPs), TTP methods and frameworks, TCP/IP communications, and knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
  • Technology: Good knowledge of one or more of the following: Windows/AD file system, registry functions and memory artifacts, Unix/Linux file systems and memory artifacts, Mac file systems and memory artifacts, Cybersecurity automation, SIEM tools (Splunk, Loggly, Sumo Logic, LogZilla, jKool)
  • Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)
  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly. 


#SAPSecurityCareers

 

 

 

We are SAP

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.

 

Our inclusion promise

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.

 

SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com.

 

EOE AA M/F/Vet/Disability:

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.

Successful candidates might be required to undergo a background verification with an external vendor.

Requisition ID: 310501 | Work Area: Information Technology | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time


Facility:  310501
Posted Date:  Nov 6, 2021
Work Area:  Information Technology
Career Status:  Professional
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%
Location: Bangalore, KA, IN, 560066

