Cyber Defense Specialist

Date: Mar 19, 2021

City: Bellevue, US, 98004

Company: SAP



Requisition ID: 275018
Work Area: Information Technology
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time



SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. That’s why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.

SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economies, lift up societies and sustain our environment. Because it’s the best-run businesses that make the world run better and improve people’s lives.

As an Incident Response Specialist, you will be a crucial front-line defender of SAP’s digital enterprise. You will be responsible for triaging security alerts detected by Enterprise Detection and SIEM, analyzing all available data to determine if a cyber-attack is occurring, scoping the extent of a suspected attack, coordinating efforts to contain attacks, and providing guidance on remediation actions.


Key responsibilities may include:

  • Perform Incident Response Tier II duties as a part of a 24/7 cyber incident response team
  • Leverage SAP’s security tools to monitor, triage, and respond to security event alerts
  • Communicate updates to stakeholders both within and outside security

Key tasks may include:
  • Perform intrusion scope and root cause analyses
  • Handle critical severity incidents as described in the operations runbook
  • Coordinate with Intelligence Analysts to correlate threat assessment data 
  • Provide onboarding training and coaching to junior Incident Response Analysts 
  • Perform cyber defense trend analysis and reporting
  • Track and document cyber defense incidents from initial detection through final resolution, including cyber defense techniques used and lessons learned
  • Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
  • Ensure communication and escalation of security activities to leadership and senior-level team members
  • Develop incident handling processes, standard operating procedures, playbooks, and runbooks
  • Work with management to identify areas of improvement and enhance efficiency of the program
  • Proactively research the latest threats and monitoring/detection technologies

Role Requirements:
  • Bachelor’s degree in Science, Technology, Engineering, and Mathematics (STEM) disciplines
  • 2-5 years of experience working in a 24/7 operational environment (Cyber Intelligence Fusion Center, SOC, NOC, Operations Center)
  • Knowledge of TTP methods and frameworks
  • Knowledge of TCP/IP communications, and common protocols and applications, including DNS, HTTP, and SMB
  • Knowledge of the Windows file system, registry functions and memory artifacts and/or expert knowledge of Unix/Linux file systems and memory artifacts
  • Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)
  • Experience managing cases with enterprise SIEM or Incident Management systems
  • Security Certifications like CISSP, CISA, CISM, GCFA, GCIH, GCIA, GNFA, GREM, GCCC, or Security+ are an asset






Success is what you make it. At SAP, we help you make it your own. A career at SAP can open many doors for you. If you’re searching for a company that’s dedicated to your ideas and individual growth, recognizes you for your unique contributions, fills you with a strong sense of purpose, and provides a fun, flexible and inclusive work environment – apply now.

To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com).

Successful candidates might be required to undergo a background verification with an external vendor.

Nearest Major Market: Seattle
Nearest Secondary Market: Bellevue
