Information Technology

Senior Security SIEM Detection Architect/Engineer (f/m/d) - Enterprise Cloud Services

We help the world run better

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!


What you`ll do 
As a Senior Security SIEM Detection Architect/Engineer, you will work together with our Defensive Architecture Lead to identify gaps in our detection coverage, and to gain visibility through logging and detection. You will use your coding, data analytics and investigation skills to write new detection rules, tune existing correlation rules and build response capabilities mapped to MITRE ATT&CK  and RE&CT.
The Role:
You will report directly to ECS Chief Security Officer and you will support the CSO office, responsible for the effective and efficient security strategy, security programs and services.
You will work side by side with our engineering teams to build advanced detection solutions to help keep systems and information safe and in the same time build automation and detection models to support identification of anomalous activity and response activities to mitigate threats at scale.

You will test and tune Detection Rules in order to identify and reduce False-Positive & False-Negative and ensure that security-relevant data is flowing to appropriate Splunk Data Models.

You will Coordinate with Security SMEs to build hunting rules and triggers, which focus on adversary activity within the cloud control plane and Linux servers, you will identify and consult on the design of countermeasures to mitigate threats in our environment and also ensure that all documents, workflows and processes remain accurate and up-to-date

What you bring 
•    Technical proficiencies across Linux , multi-cloud and Active Directory. Research mindset, with a hold on where to look for relevant information pertaining to cloud threats, vulnerabilities and key adversary’s modes of interest.
•    Experience building dashboards and processes around use-case testing , versioning
•    Security tool integration experience, familiarity with common information and log formats 
•    5+ years of experience in the Security space including but not limited to: Threat Intel, Threat Detection, Cloud Security and or SOC experience
•    Hands-on professional experience with AWS, GCP or Azure in an Infosec/DevSecOps capacity.
•    Programming and scripting knowledge for automating day to day tasks – Splunk, Python, SQL, Powershell or API, CI/CD
•    Deep interest in identifying known and unknown threats in the ever-changing landscape


Meet your team 
Enterprise Cloud Services (ECS) is a business unit in the Product Engineering Board Area. 
Enterprise Cloud Services supports customers throughout their cloud transformation and SAP S/4HANA adoption journey. We run the Intelligent Enterprise so they can be an Intelligent Enterprise. Our portfolio of SAP HANA Enterprise Cloud  and SAP Cloud Application Services  turns SAP products into a solution-as-a-service on customer’s preferred infrastructure, including Hyperscalers, as one SAP.



We build breakthroughs together

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.

We win with inclusion

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team:
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Requisition ID: 354980  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Professional  | Employment Type: Regular Full Time   | Additional Locations: #LI-Hybrid

Requisition ID:  354980
Posted Date:  Nov 9, 2022
Work Area:  Information Technology
Career Status:  Professional
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%

St. Leon-Rot, DE, 68789

Job alert

Job Segment: Architecture, Testing, Cloud, ERP, Developer, Engineering, Technology