Cyber Intelligence Research & Operations analyst

We help the world run better

At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.

SAP is seeking an experienced Cyber Intelligence Research & Operations analyst to support SAP’s Cyber Intelligence and Threat Hunting team as part of the larger Detect Organization.  This position requires a passion for security research and authoring intelligence reports to support customer intelligence requirements from the executive suite to operational security teams.  This role will also specialize in researching threats—from in-the-wild exploits to cloud conscious threat actors—specific to SAP products and systems and their impacts to our global customer base. Successful candidates must have demonstrable research expertise, preferably in the field of cloud-based threats, and the ability to author highly polished research for both internal and external audiences.  This expertise will be applied to SAP’s global business interests and help drive critical decision making by senior business leaders.  Additionally, this role will work with peer security colleagues across the business to amplify cyber intelligence assessments and analysis to support cloud-based business units and their global customer base.

In this role you will conduct in-depth research, collaborate with industry specialists and peer analysts, develop and maintain short- and long-term research projects, and present findings through briefings and external engagements. The role will also be expected to actively generate intelligence requirements from stakeholders and manage collection supporting those requirements.  Lastly, this role requires a consummate team player willing to go above and beyond in delivering a world class cyber threat intelligence capability in support of SAP and its global business.

Key Responsibilities:

• Conduct cyber threat intelligence analysis using cyber intelligence frameworks to identify emerging threats, vulnerabilities, and trends in cloud environments.
• Serve as subject matter expert (SME) on cloud-based threats and enterprise resource planning (ERP) systems.
• Design and deliver high quality, finished intelligence products from executive to operational audiences.
• Manage reports portfolio consisting of multiple products and delivery timelines and standards.
• Understand use and application of Structured Analytic Techniques (SATs) as part of intelligence analysis process.
• Translate business information needs to priority intelligence requirements (PIRs).
• Attain expert knowledge of SAP’s growing cloud and AI investments in the context of cyber threats to those businesses and related customer base.
• Research and analyze cyber-threat actors, groups, and events to report on emerging tactics, techniques, and procedures (TTPs), behaviors, motivations, sponsorship, and influencing factors specific to cloud environments.

Required Skills and Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, Intelligence Studies, Political Science, Foreign Area Studies, or related fields.
• Proven experience (5+ years) as a Cyber Threat Intelligence Analyst with a focus on cloud-conscious threat actors and related TTPs.
• Working knowledge of security offerings and controls provided by major cloud providers (AWS, Azure, Google Cloud, etc). 
• Understanding different cloud service models (IaaS, PaaS, SaaS) and their respective security implications.
• Working knowledge and proficiency in cloud-native security solutions.
• Strong proficiency in open-source intelligence (OSINT) methodologies and tools for gathering, analyzing, and interpreting threat data including Recorded Future.
• Excellent report writing skills with the ability to create clear, concise, and impactful intelligence reports incorporating graphics and visualizations.
• Exceptional communication skills, both written and verbal, to effectively convey technical information to non-technical stakeholders.
• Operational experience leveraging the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.)

Preferred Qualifications:

• Certifications such as Certified Threat Intelligence Analyst (CTIA), GIAC Cloud Threat Detection (GCTD), GIAC Public Cloud Security (GPCS), Azure/AWS/GCP security certs, and Certified Cloud Security Professional (CCSP) or equivalent.
• Operational experience in cleared government and/or security vendor verticals is desired.
• Experience with threat intelligence platforms, SIEM platforms, and various security vendor portals/platforms.
• Familiarity with regulatory requirements and industry standards related to cybersecurity and data protection specific to cloud environments
• Knowledge of programming or scripting languages (e.g., Python, PowerShell) for automation and data analysis.

 ​Bring out your best

SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.

We win with inclusion

SAP’s culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone – regardless of background – feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better and more equitable world.
SAP is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to the values of Equal Employment Opportunity and provide accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com
For SAP employees: Only permanent roles are eligible for the SAP Employee Referral Program, according to the eligibility rules set in the SAP Referral Policy. Specific conditions may apply for roles in Vocational Training.

EOE AA M/F/Vet/Disability:

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, ethnicity, age, gender (including pregnancy, childbirth, et al), sexual orientation, gender identity or expression, protected veteran status, or disability.
Successful candidates might be required to undergo a background verification with an external vendor.

Requisition ID: 426930  | Work Area: Information Technology  | Expected Travel: 0 - 10%  | Career Status: Professional  | Employment Type: Regular Full Time   | Additional Locations: #LI-Hybrid.