Solution and Product Management

Security Operations Engineering Lead - SAP Concur

What we offer

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!



SAP Concur Security Operations is a central function that is responsible for ensuring SAP Concur’s ability to maintain and improve our SOC Maturity Model, determine ongoing control and remediation requirements and monitor them to ensure remediation of security gaps. SAP Concur Security Operations further supports the line of business in developing threat hunting techniques for Service Organization Control (SOC) detections and investigations. 
SAP Concur Security Operations is a global team with a follow-the-sun structure. It closely interacts with global and local functions in the areas of development and compliance, product development, audit support, incident management and other internal and external stakeholders. Members of the Security Operations team will utilize a threat-based security approach focused on known and active adversarial behaviors. 
The Security Operations Team is looking for a Security Operations Engineering Lead in the Americas region. This hands-on person enables SAP Concur to monitor application performance, implement automation to streamline security efforts, and improve your skills as an information security practitioner. At the same time, we offer you to:


  • Live your virtue as a problem solver for complex issues and security requirements
  • Be a functional lead and drive internal projects
  • Be part of a global and diverse team
  • Work in an operations and security function (incident management and data loss prevention)
  • Learn about security and compliance aspects of all of SAP Concur’s products 
  • Learn how SAP Concur is dealing with third party products and build-in’s
  • Obtain insights to risk management and respective mitigation
  • Broaden your network within security and other functions such as development
  • Have fun



  • Lead incidents of local, regional, and global scales, setting goals and prioritizing tasks
  • Is part of a 24/7 follow-the-sun organization
  • Drives continuous improvement and increases efficiency through standardization and automation 
  • Work independently and with management on highly visible, complex projects
  • Contributes to major, global scale incidents by conducting root cause analysis and writing summaries or reports 
  • Maintain excellent collaboration with internal and external key stakeholders
  • Establish and perform knowledge management activities, such as lessons learned, knowledge-based articles, and trainings
  • Designs, implement and verify new detection mechanisms  
  • Conduct investigations and forensics on internal and cloud assets
  • Support other SAP Concur teams in their day-to-day business activities


Bachelor/ master’s degree in information systems engineering, computer science, cybersecurity, software development or equivalent similar education
One or more security certifications (e.g. Security+, GCIA, GCIH, CISSP)


Required skills

  • Experience in the area of creation and maintenance of detection use cases, designing mitigation playbooks, and security event monitoring
  • Experience managing cases with enterprise SIEM or Incident Management systems (Information Security, Information Systems, Engineering or related work experience)
  • Good knowledge of one or more of the following: Windows/AD file system, registry functions and memory artifacts, Unix/Linux file systems and memory artifacts, Mac file systems and memory artifacts, Cybersecurity automation, Security Information and Event Management (SIEM) tools (Splunk, Fortinet, Skybox, Gigamon, Akamai, Thales, Nexpose, Tenable, Tanium, Sophos, clamAV, Device42)
  • Knowledge of Advanced Persistent Threat (APT) actors; their tools, techniques, and procedures (TTPs), 
  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, solution orientation, and to learn and adapt quickly
  • Able to explain complex issues in layman terms
  • High quality awareness and process-oriented thinking and acting
  • Willingness and ability to work in a security function
  • Ability to work as an individual contributor and closely collaborate across, organizations, teams and cultures
  • Fluent Business English is a must


Preferred skills
•    TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
•    Experience in network security and network systems including LANs/WANs/VPNs/Firewalls and IDS’s
•    Experience with one or more scripting languages (Powershell, Python, Bash, etc.) 
•    Experience in Data Loss Prevention (DLP) 
•    International working experience 

Solid professional experience; experience in high-tech industry closely related to security operations as well as experience in critical incident management



We are SAP

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.


Our inclusion promise

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.


SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com.


EOE AA M/F/Vet/Disability:

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.

Successful candidates might be required to undergo a background verification with an external vendor.

 Requisition ID:324004 | Work Area: Solution and Product Management | Expected Travel: 0 - 10% | Career Status: Professional | Employment Type: Regular Full Time  | Additional Locations: 

Requisition ID:  324004
Posted Date:  Apr 21, 2022
Work Area:  Solution and Product Management
Career Status:  Professional
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%

São Leopoldo, BR, 93022-718

Job alert

Job Segment: Operations Manager, SAP, Engineer, Operations, Security, Technology, Engineering