Information Technology

Senior/Expert Security Operations Center Analyst / Engineer (f/m/d): Delos Cloud


We help the world run better

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!


Company Description
SAP has founded the Delos Cloud GmbH to deliver a vendor and solution-neutral sovereign cloud and accelerate the digital transformation of public services in Germany. Catering to the need for digitization in the public sector, the new company will act as a trusted partner providing an open sovereign cloud platform. With Sovereignty and Security at its heart, the cloud infrastructure offering is designed to meet the strict and unique national requirements set out by the German Government’s multi-cloud strategy.
This is a great opportunity to become part of one of the most exciting start-ups in the German IT industry. Do you want to join our mission to establish the first sovereign cloud platform for the public sector in Germany? Then roll up your sleeves and apply today. 


Your Future Role & Responsibilities
You will be a crucial front-line defender of Delos Cloud’s digital enterprise. You will manage the process to restore normal service operation in case of an incident as quickly as possible to minimize the impact to business operations. You will provide guidance for anomaly-based searching. You will work closely with the functional leadership from other teams in the Security Operations Center to ensure a comprehensive and proactive cyber defense posture.

  • Provide timely and relevant updates to leadership and other stakeholders
  • Assess and update process workflows and supporting technology to improve program performance
  • Observe proper evidence custody and control procedures; document procedures and findings in a manner suitable for courtroom presentation
  • Partner with SAP groups to review monitoring requirements and create detection alerts
  • Develop automated workflows that will reduce detection and response times
  • Guide junior staff members in conducting Event Detection, Incident Triage, Incident Handling, Hunting activities by leveraging SAP’s detection/response platforms
  • Perform additional analysis of escalations from junior Incident Analysts and conduct case review
  • Assist senior analysts and leaders in developing executive level reports to provide status on incidents to leadership
  • Ensure the closure of all resolved and end-user confirmed Incident records
  • Follow proper evidence handling and chain of custody protocols to produce written reports documenting digital forensic findings
  • Employ forensic tools and techniques to support the investigation of computer fraud or other electronic crimes; crack files and system passwords, detect steganography, and recover deleted, fragmented, and corrupted data from digital media of all types
  • Review current process workflows and make improvements to detection and alerting mechanisms
  • Identify increasing trend of repetitive incidents, and work with architecture, DevOps, and infrastructure teams to identify root cause and create action plans to increase resiliency
  • Continuously monitor levels of service as well as interpret and prioritize threats through use of intrusion detection systems, firewalls, other boundary protection devices, and any security incident management products deployed
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through review and analyses of relevant event detail and summary information
  • Test and maintain incident response plans and processes to address existing and emerging threats


Profile & Required Skills

  • Basic knowledge in IT Security Management standards (BSI Grundschutz),IT Principles, Data Security and Risk Management
  • Very good knowledge of APT actors; their tools, techniques, and procedures (TTPs)
  • Very good knowledge of TTP methods and frameworks
  • TCP/IP communications, and common protocols and applications, including DNS, HTTP, and SMB
  • Solid Knowledge of Windows OS including at least Windows file system, registry functions and memory artifacts and/or Unix/Linux file systems and memory artifacts
  • Security Certifications, e.g. CISA, CISM, Security+
  • Quality focus
  • Teamwork and collaboration
  • Lead and engage talents
  • Fluent German and English language skills both written and oral
  • EU citizenship
  • Readiness to join the SAP subsidiary Delos Cloud GmbH
  • Readiness for a German government security clearance


Work experience

  • 7- 10 years of functional experience in IT-related security operations and risk management and/or compliance functions
  • Experience with one or more scripting languages (Powershell, Python, Bash, etc.)
  • Experience managing cases with enterprise SIEM or Incident Management systems


#DelosCloud #SovCloudDe


We build breakthroughs together

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.


We win with inclusion

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team:
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Requisition ID: 348417  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Berufserfahren  | Employment Type: Vollzeit, unbefristet   | Additional Locations: Other locations within Germany as per agreement/discussion  #LI-Hybrid

Ausschreibungsnummer:  348417
Ausschreibungsdatum:  09.09.2022
Funktionsbereich:  Information Technology
Karrierestatus:  Berufserfahren
Anstellungsverhältis:  Vollzeit, unbefristet
Voraussichtliche Reisetätigkeit:  0 - 10%

Berlin, DE, 10178

Job alert