Security Incident Response Investigator; m​/f​/d

Overview

Security Incident Response Investigator (m/f/d) role will be dedicated to the real time analysis, lead investigation and escalation coordination of detected cyber threat events and intelligence, supporting operational efforts around the Security Detection and remediation to various system owners and other stakeholders and ensuring real time capability enhancement to respond to evolving threats.

The Security Incident Response Investigator role will be responsible for providing timely situational analysis of Security Alerts, escalation and tracking of potential attacks for remediation to system owners and provide information for potential impact to the environments’ security posture, and the development of actionable remediation steps where relevant.

The Security Incident Response Investigator role will work as an integrated part of the Security Incident Response Team, working in a follow the sun model with members across the globe. Candidates in this role will review and analyze and lead investigations on identified security event alerts, information and security intelligence relevant to threats facing the systems, infrastructure, and resources critical to our clients.

They will use this information to determine validity, severity, provide remediation recommendations and communicate this security event analysis to the system owners for remediation on a real time basis as well as tracking and reporting of these activities. Candidates should be experienced in analyzing cyber-attack attempts threats and security intelligence analysis, event tracking and escalation management and reporting.

The ideal candidate would be expected to stay current with the latest security related news, attack techniques, understand current vulnerabilities, and their respective countermeasures.

What you bring:

• At least 4 years experience in the field of security analysis, intelligence, engineering, architecture, operations and/or assurance functions;
• A degree from a recognized university in the sciences, engineering, information security, or related studies
• Demonstrable experience in the area of time critical Cyber attack event analysis, threat intelligence application, vulnerability analysis and event escalation.
• Demonstrable experience using monitoring tools to identify cyber security events or alerts of potential/active threats, intrusions, and/or compromises.

Core Security Incident Response Skills:

• Strong verbal, written communication skills with high level of detail accuracy
• Lead cybersecurity investigations and analysis during critical time sensitive incidents.
• Strong security background performing review and analysis of cyber-attacks and developing remediation recommendations.
• Creative problem-solving skills and can apply knowledge to new and never before encountered scenarios, often working under pressure situations.
• Takes an active part in the gathering, analysis, and communication of Attack alerts identified by monitoring teams
• Present actionable analysis and recommendations of identified cyber alerts to system owners and leadership across business lines as necessary
• Develop and modify documentation detailing new and improved run-books for the processes of threat analysis capability and eventual cataloging of the indicators of attack by assessed impact to the environment
• Ability to work easily with diverse and dynamic teams
• Understanding of Network, System and Application Architectures and attack methodologies

Security Operations Domain Skills:

• Depth of knowledge in two or more of the core Security Operations and Incident Response domains such as Security Triage, Cyber Threat Hunting, Security operations management, incident investigation and response process and procedures.
• Depth of knowledge in contemporary and legacy security technologies used within the Security Operations domain (such as SIEM technologies, ticketing and workflow orchestration, Threat-Intelligence Platforms, active defense, Use Case construction, Cloud based operations, etc)
• Knowledge in and current knowledge of security threat intelligence and recent attack vectors including network, application and social methods.
• Knowledge in and an understanding or proficiency in information security and compliance regulations, frameworks and leading practices

SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development.

Whether connecting global…