(Senior) Cyber Detection Engineer (m/f/d) - SAP Global Security & Cloud Compliance

We help the world run better. At SAP, we keep it simple: you bring your best to us, and we'll bring out the best in you. We're builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what's next. The work is challenging – but it matters. You'll find a place where you can be yourself, prioritize your wellbeing, and truly belong. What's in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed.

What You’ll Do

We are seeking a skilled Cyber Detection Engineer to join our team and work on cutting-edge cloud and container security projects. This role offers the opportunity to develop and implement strategies to detect anomalous or malicious behavior in Public Cloud environments such as AWS, Azure, and GCP, as well as Container platforms like Kubernetes, EKS, AKS, and GKE. You will be at the forefront of cybersecurity, creating effective Security Information and Event Management (SIEM) detection logic and analyzing security alerts to enhance detection capabilities. You will collaborate with Security Architecture teams and utilize threat intelligence to align detection strategies to identify the most concerning threat vectors. This position provides a unique chance to integrate detection strategies across various business lines and security teams, ensuring robust protection for cloud and container environments.

The Role

As a Cyber Detection Engineer, you will be responsible for developing and implementing strategies to identify and mitigate security threats in Public Cloud and Container environments. You will create SIEM detection logic based on vendor alerts and system logging and will analyze security alerts to optimize detection content. You will also collaborate with Security Architecture teams and lines of business to understand and secure cloud and container landscapes. Your role will involve utilizing threat intelligence to align detection strategies with probable threat vectors. Documentation of processes and detection strategies will be a key aspect of your responsibilities.

What you bring

• Technical Knowledge: Experience in cloud or container security architecture, focusing on developing detection logic in SIEM and native platforms.
• Programming Skills: Proficiency in Python and PowerShell.
• Incident Response: Background in incident response, penetration testing, or cyber threat hunting.
• Threat Intelligence: Familiarity with frameworks like MITRE ATT&CK.
• Communication: Strong written and verbal skills to convey technical concepts to non-technical audiences.

Preferred qualifications include certifications such as CKA, AWS Certified Security - Specialty, Azure Security Engineer Associate, or Google Professional Cloud Security Engineer. Experience with detection-as-code platforms is a plus.