WE HELP THE WORLD RUN BETTER

At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.

REQUIREMENTS:

• Bachelors or Master’s degree in Computer Science, Information Security, Information Systems, Engineering or related work experience.
• Understanding of one or more technical areas like:
• Network protocols (TCP/IP, TLS, HTTP, DNS, SMB, etc.)
• File systems (exFAT, NTFS, ext4, APFS, etc.)
• Memory forensics
• Database and web application security
• Cloud security
• Technical knowledge of information technology systems and infrastructure
• Understanding of risk management, mitigation, and incident response frameworks
• Experience communicating with senior management and executives.
• Knowledge of relevant laws and regulations related to incident response and data privacy.

Summary:
A SGSC Cyber Security Incident Response Senior Manager is responsible for driving incidents to resolution and ensure accurate and timely customer and executive communications. Ensure the correct resources are working on the resolution of major incidents appropriate to the severity and identify when escalation is required and trigger such escalation accordingly.

The Role:

• Performs incident response management duties as oversight of the Global SGSC Cyber Security Incident Response teams.
• Provide timely and relevant updates to SAP leadership and internal stakeholders.
• Manage the process of determining the attack scope and root cause analyses by using forensic investigation methods.
• Partner with internal teams to review monitoring requirements and create detection alerts.
• Manage the development of automated workflows that will reduce detection and response times.
• Ensures the review and closure of resolved and end-user confirmed cybersecurity incidents.
• Manage and enhance current Incident Response process workflows and recommends improvements.
• Participate in after action reviews and ensure that all recommended remediations are handed to the Incident Response Recovery team.