Information Technology

Security Operations Center Analyst / Engineer (f/m/d): Delos Cloud


We help the world run better

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!


Company Description
SAP has founded the Delos Cloud GmbH to deliver a vendor and solution-neutral sovereign cloud and accelerate the digital transformation of public services in Germany. Catering to the need for digitization in the public sector, the new company will act as a trusted partner providing an open sovereign cloud platform. With Sovereignty and Security at its heart, the cloud infrastructure offering is designed to meet the strict and unique national requirements set out by the German Government’s multi-cloud strategy. For more information about Delos Cloud please visit our website.
This is a great opportunity to become part of one of the most exciting start-ups in the German IT industry. Do you want to join our mission to establish the first sovereign cloud platform for the public sector in Germany? Then roll up your sleeves and apply today. 


Your Future Role & Responsibilities
You will be a crucial front-line defender of Delos Cloud’s digital enterprise. You will be responsible for triaging security alerts detected by Enterprise Detection and SIEM, analyzing all available data to determine if a cyber-attack is occurring, scoping the extent of a suspected attack, coordinating efforts to contain attacks, and providing guidance on remediation actions.

  • Perform Incident Response Tier III duties as a part of a 24/7 cyber incident response team
  • Leverage SAP’s security tools to monitor, triage, and respond to security event alerts
  • Communicate updates to stakeholders both within and outside security
  • Perform forensic analysis and present evidence to stakeholders
  • Observe proper evidence custody and control procedures, document procedures and findings in a manner suitable for courtroom presentation
  • Partner with SAP groups to review monitoring requirements and create detection alerts
  • Develop automated workflows that will reduce response times
  • Develop and implement intrusion remediation and strategy
  • Perform additional analysis of escalations from junior Incident Response Analysts and conduct case review
  • Conduct proactive Cyber Hunting exercises based on threat intelligence from Response Analysts
  • Provide onboarding training and coaching to junior Incident Response Analysts
  • Track cyber defense incidents from initial detection through final resolution; ensure timely response and documentation
  • Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
  • Conduct digital evidence analysis and gather evidence against network and host-based intrusions
  • Identify and document case relevant file-system artifacts, including browser histories, account usage, and USB histories
  • Ensure communication and escalation of security activities to leadership and senior-level team members
  • Provide guidance in developing incident handling processes, standard operating procedures, playbooks, and runbooks
  • Monitor and review incident response tools, procedures, and workflows, to develop strategy to increase efficiency and reduce response time
  • Proactively research on latest threats and monitoring/detecting technologies
  • Assist leadership in establishing and tracking metrics on the program’s performance


Profile & Required Skills

  • Basic knowledge in IT Security Management standards (BSI Grundschutz), IT Principles, Data Security and Risk Management
  • Good knowledge of APT actors; their tools, techniques, and procedures (TTPs)
  • Good knowledge of TTP methods and frameworks
  • TCP/IP communications, and common protocols and applications, including DNS, HTTP, and SMB
  • Solid Knowledge of Windows OS including at least Windows file system, registry functions and memory artifacts and/or Unix/Linux file systems and memory artifacts
  • Security Certifications, e.g. CISA, CISM, Security+
  • Quality focus
  • Teamwork and collaboration
  • Lead and engage talents
  • Fluent German and English language skills both written and oral
  • EU citizenship
  • Readiness to join the SAP subsidiary Delos Cloud GmbH
  • Readiness for a German government security clearance


Work experience

  • 4-6 years of experience working in a 24/7 operational environment (Cyber Intelligence Fusion Center, SOC, NOC, Operations Center) Experience with one or more scripting languages (PowerShell, Python, Bash, etc.)
  • Experience managing cases with enterprise SIEM or Incident Management systems


#DelosCloud #SovCloudDe


We build breakthroughs together

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.


We win with inclusion

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team:
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Requisition ID: 348418  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Professional  | Employment Type: Regular Full Time   | Additional Locations: Other locations within Germany as per agreement/discussion  #LI-Hybrid

Requisition ID:  348418
Posted Date:  Sep 9, 2022
Work Area:  Information Technology
Career Status:  Professional
Employment Type:  Regular Full Time
Expected Travel:  0 - 10%

Walldorf, DE, 69190

Job alert

Job Segment: Operations Manager, ERP, Cloud, SAP, Risk Management, Operations, Technology, Finance