
Cyber Defense Specialist

Job summary

Newtown Square

Work model

Hybrid · 3 days home
4 days ago
Job description

Requisition ID: 427703
Work Area: Information Technology
Expected Travel: 0%
Career Status: Professional
Employment Type: Regular Full Time
Career Level: T3
Original Posting Date: 06/23/2025
Location: Newtown Square, PA
Work Model: Hybrid Work Model

Purpose and Objective

SAP America, Inc. seeks a professional to identify, analyze, assess, and mitigate threats to information technology (IT) systems and/or networks in the context of implications to SAP.

Expectations and Tasks

  • Triage security alerts detected by Enterprise Detection and SIEM, analyze data to determine if a cyber-attack is occurring, scope the extent of a suspected attack, coordinate efforts to contain attacks, and provide guidance on remediation actions.
  • Perform Incident Response Tier II duties as a part of a cyber incident response team.
  • Leverage SAP's security tools to monitor, triage, and respond to security event alerts.
  • Communicate updates to stakeholders both within and outside security.
  • Perform intrusion scope and root cause analyses.
  • Handle critical severity incidents as described in the operations runbook.
  • Coordinate with Intelligence Analysts to correlate threat assessment data.
  • Perform cyber defense trend analysis and reporting.
  • Track and document cyber defense incidents from initial detection through final resolution, including cyber defense techniques used and lessons learned.
  • Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Develop incident handling processes, standard operating procedures, playbooks, and runbooks.

Education and Occupational Experience

Bachelor's degree or foreign equivalent in Cyber Security, Computer Science, Engineering or a related field of study and five (5) years of progressive post-baccalaureate experience in the job offered or related occupation. Alternatively, a Master's degree or foreign equivalent in Cyber Security, Computer Science, Engineering or a related field of study and three (3) years of experience in the job offered or related occupation.

Qualifications/Skills and Competencies Experience

Experience must involve two (2) years in the following:

  • SIEM Administration and Operations, including Splunk, McAfee ESM, or QRadar;
  • Computer Forensics for Windows; and
  • Microsoft Office 365 Security Technologies.

Position also requires experience in each of the following:

  • Cloud Security, including Microsoft Azure Security;
  • Endpoint Security, including McAfee ENS or Defender AV Detection and Response tools; and
  • Malware Analysis, Reverse Engineering, and programming.

Compensation Range Transparency

The annual base salary range for this position is $147,805 - $180,576. The targeted combined range for this position is $147,805 - $205,200. The actual amount to be offered to the successful candidate will be within that range, dependent upon the key aspects of each case which may include education, skills, experience, scope of the role, location, etc. as determined through the selection process.

We win with inclusion

SAP's culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone -- regardless of background -- feels included and can run at their best. SAP is committed to the values of Equal Employment Opportunity.