Threat Detection Engineer (f/m/d)

We help the world run better

At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from. 

What you´ll do 

SAP's Cyber Detect Organization is looking for an experienced Threat Detection Engineer (f/m/d) to be an integral part of our innovative culture as a crucial defender and protector of SAP’s digital ecosystem. This role will focus on executing a multi-year strategy to proactively, automatically, and continuously test and validate SAP’s protection against and ability to detect the most relevant threats to the business. 

As a part of the Detection Engineering team, you will: 

• Enable streamlined and effective customer collaboration by integrating scalable Detection as Code (DaC) techniques seamlessly into our service offerings 
• Focus on lifecycle management of threat detection content 
• Design and engineer cyber security use cases to detect attacker behaviors 
• Automate recurrence of use case execution across a diverse enterprise landscape 
• Support a threat intelligence driven approach to identifying the most relevant risks 
• Partner with offensive capabilities to continuously validate detection content 
• Partner with Lines of Businesses to enable a central Detection service 
• Adopt a modern shift left mentality to find threats in real time  
• Own key objectives and work with our partners across the company  

What you bring 

• 2+ years of related professional experience 
• Knowledge of detection methods and frameworks (e.g. ATT&CK, Sigma) 
• Knowledge of container and orchestration technologies (e.g. Kubernetes, Docker, Helm, Gardner etc.)
• Experience in SIEM and EDR technologies (e.g., ELK, Splunk, Sumo Logic, CrowdStrike, TrendMicro, SentinelOne, Windows Defender) 
• Demonstrated ability to create effective detections at scale 
• Experience with at least one major cloud platform (e.g. AWS, GCP, Azure) 
• Familiarity with modern programming languages and data analysis techniques 
• Experience creating and tuning threat detection rules 
• Familiarity with detection and prevention technology usage and configuration (EDR, WAF, IPS, etc) 
• Able to work in a global environment across multiple time zones 
• Experience with a 24/7 or on-call security operational environment (e.g. SOC, JSOC, Fusion Center, Incident Response, NOC, Threat Intelligence) 

Beneficial qualifications:

• Experience with Agile (SAFe Agile), Scrum, Program Increment (PI) Planning 
• SANS or similar Cyber Security certifications 
• Experience in either a development and/or DevOps role 
• Experience with configuration management tools like Terraform, Puppet, Chef  

Meet your team
As a member of SAP’s Global Security and Cloud Compliance organization, our Threat Informed Detection Engineering team is responsible for safeguarding data and assets using industry-leading methods for developing new detection capabilities and managing the detection lifecycle. Leveraging intelligence-driven threat assessments, the team proactively and continuously assesses susceptibility to attacker behaviors along with their tactics, techniques and procedures (TTPs) to control risk.

#SGSC_Careers
 

​

Bring out your best

SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.  

We win with inclusion

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com.
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

Requisition ID: 404984  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Professional  | Employment Type: Regular Full Time   | Additional Locations: Other locations in Germany as per individual check | #LI-Hybrid
 

​