Performs incident response duties as part of the global cyber incident response team
Provide timely and relevant updates to SAP leadership and internal stakeholders Acts as a technical liaison for internal and external incident responders
Carries out attack scope and root cause analyses by using forensic investigation methods
Partner with internal teams to review monitoring requirements and create detection alerts
Develop automated workflows that will reduce detection and response times
Ensure the review and closure of resolved and end-user confirmed cybersecurity incidents
Follow proper evidence handling and chain of custody protocols to produce written reports documenting digital forensic findings
Review current process workflows and make improvements to detection and alerting mechanisms
Identify increasing trend of repetitive incidents, and work with architecture,
DevOps, and infrastructure teams to identify root cause and create action plans to increase resiliency
Continuously monitor levels of service as well as interpret and prioritize threats through use of intrusion detection systems, firewalls, other boundary protection devices, and any security incident management products deployed
Recognize potential, successful, and unsuccessful intrusion attempts and compromises through review and analyses of relevant event detail and summary information
Test and maintain incident response plans and processes to address existing and emerging threats
Requirements :
Bachelor’s or master’s degree in Computer Science, Information Security, Information Systems, Engineering or related work experience.
Profound understanding of one or more technical areas like: