WE HELP THE WORLD RUN BETTER

At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.

WHAT YOU WILL DO

An SGSC Operations Incident Response Manager defender of SAP’s digital enterprise. Our Incident Responds Manager are responsible for managing the triaging of security alerts detected by Enterprise Detection and SIEM, analyzing all available data to determine if a cyber-attack is occurring, scoping the extent of a suspected attack, coordinating efforts to contain attacks, performing forensic investigations to determine the details around an attack, and providing guidance on remediation actions.

• Performs incident response management duties as part of the Global SGSC Incident Response team.
• Provide timely and relevant updates to SAP leadership and internal stakeholders.
• Manages the process of determining the attack scope and root cause analyses by using forensic investigation methods.
• Partners with internal teams to review monitoring requirements and create detection alerts.
• Manages the development of automated workflows that will reduce detection and response times.
• Ensures the review and closure of resolved and end-user confirmed cybersecurity incidents.
• Reviews current Incident Response process workflows and recommends improvements.

The Incident Manager’s responsibilities include overseeing the incident management process, handling various incident types, initiating an incident response procedure, and communicating and coordinating with stakeholders. Effective management of these responsibilities is critical in minimizing incidents’ impact on operations and maintaining business continuity.

• Bachelor’s or master’s degree in computer science, Information Security, Information Systems, Engineering or related work experience.
• Understanding of one or more technical areas like:
• Network protocols (TCP/IP, TLS, HTTP, DNS, SMB, etc.)
• File systems (exFAT, NTFS, ext4, APFS, etc.)
• Memory forensics
• Database and web application security
• Cloud security
• Strong technical knowledge of information technology systems and infrastructure
• Understanding of risk management, mitigation, and incident response frameworks
• Experience communicating with senior management and executives.
• Knowledge of relevant laws and regulations related to incident response and data privacy