WE HELP THE WORLD RUN BETTER

At SAP, we keep it simple: you bring your best to us, and we’ll bring out the best in you. We’re builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what’s next. The work is challenging – but it matters. You’ll find a place where you can be yourself, prioritize your wellbeing, and truly belong. What’s in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.

EDUCATION

Bachelor’s degree or foreign equivalent in Computer Sciences, IT, Cyber Security, Software Development, Engineering, or a related field of study and seven (7) years of progressive post-baccalaureate experience in the job offered or related occupation.
Alternatively, a Master’s degree or foreign equivalent in Computer Sciences, IT, Cyber Security, Software Development, Engineering, or a related field of study and five (5) years of experience in the job offered or related occupation

SKILLS AND COMPETENCIES

• Maintaining detection strategies for EDR, specifically CrowdStrike Falcon
• Developing custom detection logic in SIEM and native detection platforms, with a focus on indicators of attack (IOA) in CrowdStrike Falcon EDR
• Programming, to include use of python and PowerShell
• Conducting incident response, penetration testing, cyber threat hunt, or cyber intelligence
• Knowledge of threat intelligence and detection frameworks such as MITRE ATT&CK
• Experience conducting threat simulation/emulation in a lab environment
• Self-motivated and capable of working independently, balancing multiple priorities to meet deadlines in a fast-paced environment.
• Exceptional communication skills, both written and verbal, with the ability to articulate technical concepts to non-technical audiences

PREFERRED QUALIFICATIONS

• Relevant certifications such as CrowdStrike Certified Falcon Administrator (CCFA), CrowdStrike Certified Falcon Responder (CCFR), or similar certifications.
• Experience integrating CrowdStrike with other security tools and platforms for comprehensive threat management.
• Experience with detection-as-code platforms/initiatives and development of detection pipeline

• Develop and implement strategies to detect anomalous or malicious behavior with a focus on endpoint detection and response (EDR) capabilities.
• Create Security Information and Event Management (SIEM) EDR-based detection logic and craft custom endpoint detection and response (EDR) detection code for use in CrowdStrike Falcon or other EDR platforms.
• Analyze security alerting, with a focus on EDR alerting, to ensure proper tuning of detective content and to identify opportunities to improve detection.
• Utilize threat intelligence to ensure detection strategies are aligned to the most concerning and probable threat vectors and adversary tactics.
• Maintain documentation related to processes, detection strategies, and detection code. Participate in governance, risk and compliance activities related to detection.
• Mentor team-members on best practices for EDR detection strategies and detection code development.
• Collaborate with lines of business and respective security teams to best integrate EDR tools and strategies in alignment with detection strategies and best practices.