Information Technology

Security Operations Center Manager (f/m/d): Delos Cloud


We help the world run better

Our company culture is focused on helping our employees enable innovation by building breakthroughs together. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. Apply now!


Company Description

SAP has founded the Delos Cloud GmbH to deliver a vendor and solution-neutral sovereign cloud and accelerate the digital transformation of public services in Germany. Catering to the need for digitization in the public sector, the new company will act as a trusted partner providing an open sovereign cloud platform. With Sovereignty and Security at its heart, the cloud infrastructure offering is designed to meet the strict and unique national requirements set out by the German Government’s multi-cloud strategy.
This is a great opportunity to become part of one of the most exciting start-ups in the German IT industry. Do you want to join our mission to establish the first sovereign cloud platform for the public sector in Germany? Then roll up your sleeves and apply today. 

Your Future Role & Responsibilities

You will manage a team of experts conducting event detection, incident triage, incident handling, and remediation. You will be responsible for restoring normal service operation in case of an incident as quickly as possible to minimize the impact to business operations. You will work closely with the functional leadership from other teams in the Cyber Fusion Center to ensure a comprehensive and proactive cyber defense posture.

  • Drive the buildout of our Security Operations Center
  • Serve as the incident commander for major or high-profile incidents including validating and raising incidents, coordinating response, facilitating information sharing, and ensuring documentation
  • Manage a team of Incident Response Analysts responsible for detecting, analyzing, and mitigating potential intrusions and other security incidents
  • Collaborate with leaders across cross functions to coordinate response, facilitate information sharing, and ensure documentation
  • Provide timely and relevant updates to leadership and other stakeholders
  • Develop executive level reports to provide status on incidents to leadership
  • Ensure the closure of all resolved and end-user confirmed Incident records\Interface with Enterprise Detection and SIEM teams to make improvements to detection and alerting mechanisms
  • Identify increasing trend of repetitive incidents, and work with architecture, DevOps, and infrastructure teams to identify root cause and create action plans to increase resiliency
  • Continuously monitor levels of service as well as interpret and prioritize threats through use of intrusion detection systems, firewalls, other boundary protection devices, and any security incident management products deployed
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through review and analyses of relevant event detail and summary information
  • Develop templates for third party communications for legal review
  • Develop, track, and consistently improve executive level metrics for program performance
  • Provide briefings at various levels of management regarding ongoing security incidents
  • Coordinate shift schedule and deployment of staffing within the established structure
  • Conduct performance reviews and provide feedback to direct reports in day-to-day activities; help staff members in enhancing skillset to progress in their career paths


Profile & Required Skills

  • Proven experience in handling cyber security incidents including coordination of teams and driving root cause analysis as well as defining and leading mitigation and containment measures
  • Knowledge of APT actors; their tools, techniques, and procedures (TTPs), TTP methods and frameworks
  • Experience in network security and network systems including LANs/WANs/VPNs/Firewalls and IDS’s
  • Windows file system, registry functions and memory artifacts and/or Unix/Linux file systems and memory artifacts
  • Security Certifications, e.g. CISA, CISM, Security+
  • Quality focus
  • Teamwork and collaboration
  • Lead and engage talents
  • Fluent German and English language skills both written and oral
  • EU citizenship
  • Readiness to join the SAP subsidiary Delos Cloud GmbH
  • Readiness for a German government security clearance


Work experience

  • 7-9 years of experience working in a 24/7 operational environment (Cyber Intelligence Fusion Center, SOC, NOC, Operations Center)
  • 4-5 years of experience managing a security team
  • Experience with one or more scripting languages (Powershell, Python, Bash, etc.)
  • Experience managing cases with enterprise SIEM or Incident Management systems


#DelosCloud #SovCloudDe


We build breakthroughs together

SAP innovations help more than 400,000 customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with 200 million users and more than 100,000 employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, we build breakthroughs, together.


We win with inclusion

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team:
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Requisition ID: 348415  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Management  | Employment Type: Vollzeit, unbefristet   | Additional Locations: Other locations within Germany as per agreement/discussion  #LI-Hybrid

Ausschreibungsnummer:  348415
Ausschreibungsdatum:  09.09.2022
Funktionsbereich:  Information Technology
Karrierestatus:  Management
Anstellungsverhältis:  Vollzeit, unbefristet
Voraussichtliche Reisetätigkeit:  0 - 10%

Walldorf, DE, 69190

Job alert