26 days old

Lead Security Engineer Job

Newtown Square, PA 19073

Requisition ID: 258264
Work Area: Information Technology
Expected Travel: 0 - 10%
Career Status: Professional
Employment Type: Regular Full Time


SAP started in 1972 as a team of five colleagues with a desire to do something new. Together, they changed enterprise software and reinvented how business was done. Today, as a market leader in enterprise application software, we remain true to our roots. Thats why we engineer solutions to fuel innovation, foster equality and spread opportunity for our employees and customers across borders and cultures.
SAP values the entrepreneurial spirit, fostering creativity and building lasting relationships with our employees. We know that a diverse and inclusive workforce keeps us competitive and provides opportunities for all. We believe that together we can transform industries, grow economics, lift up societies and sustain our environment. Because its the best-run businesses that make the world run better and improve peoples lives.

Lead Security Engineer - Cyber Fusion Center



An SAP Lead Security Engineer provides crucial technical and operational leadership support to our frontline defenders of SAPs digital enterprise. Our Security Engineers are responsible for evaluating, selecting, architecting, implementing, and operating key security tools to support security monitoring, incident response, cyber threat intelligence, and vulnerability management operations.  Additionally, our Security Engineers provide key support in implementing and tuning detection signatures and integrating response actions as needed.



  • Provide leadership, mentoring, and training to Cyber Fusion Team personnel and to other SAP stakeholders and the SAP Global Security Team
  • Perform as the subject matter expert (SME) for one or more key tools crucial to security operationse.g., SIEM, Endpoint Detection & Response (EDR), Network Packet Capture, Netflow, Threat Intelligence Platform (TIP), and/or Security Operations and Automated Response (SOAR)
  • Architect, deploy, integrate, and support security operations tools (SIEM, IDS/IPS and AV) such at all levels of the cloud infrastructure stack
  • Develop, implement, and execute standard procedures for the administration, change management, version/patch management, and lifecycle management of critical security infrastructure  
  • Contribute to the continuously evolving SAP detection strategy
  • Develop and implement correlation rules and threat monitoring use cases
  • Troubleshoot and resolve issues with the threat monitoring toolsets
  • Security support of key elements of an AWS Cloud Environment
  • Create signatures and tools to analyze and detect malicious activity
  • Build automation for response and remediation of malicious activity
  • Architect and implement disaster recovery operations and data backups as required
  • Troubleshoot, diagnose and resolve hardware, software and other system problems
  • Research and implement new hardware and software solutions to fit company needs
  • Experience with Python, C/C++ , Java, Power Shell or other scripting language



  • Advanced degree in Computer Science, Software Engineering, Cyber Security, or related experience or field of study
  • Security certification (e.g. Security+, GIAC, CISSP)
  • Ability to build relationships and own a proven track record of using critical problem-solving and interpersonal skills to achieve success
  • Proven experience leading multi-functional teams
  • Proactive, self-managed, and able to interface well with sponsor personnel and inter-disciplinary teams across an organization
  • Ensures communication and escalation of security activities to leadership, assists in building and configuration of new security tools and systems
  • Strong quantitative and analytical skills, proven ability to track and successfully complete complex programs 
  • Experience and Strong Knowledge of Windows and Unix/Linux server Administration 
  • Comprehensive knowledge APT actors; their tools, techniques, and procedures (TTPs)
  • Knowledge of TTP methods and frameworks
  • Knowledge of application vulnerability testing tools and techniques and application whitelisting solutions. 
  • Experience with information security compliance audit frameworks and requirements e.g. PCI, FISMA, FedRAMP, SOC, SOX, PCI, GDPR and Data Privacy



  • 5-8 years experience in supporting one or more of the following technologies: SIEM, Endpoint Detection & Response (EDR), Network Packet Capture, Netflow, Threat Intelligence Platform (TIP), and/or Security Operations and Automated Response (SOAR)
  • Experience in Network architecture and design
  • Prefer 1-3 years working in a cloud environment supporting key elements of the AWS Environment to include:
    • AWS Networking & Connectivity
    • AWS Security & Identity Management
    • Security Groups
    • Network Access Control Lists
    • Custom Groups, Roles, Policy. 
    • AWS KMS (Key Management Service)
    • AWS IAM (Identity Access Management)
    • AWS MFA (Multi Factor Authentication)
    • AWS S3 bucket policy, cross account access
    • AWS Environment Monitoring
    • AWS CloudTrail
    • AWS Kinesis Firehose
  • 1-3 years experience working in a 24/7 operational environment (Cyber Intelligence Fusion Center, SOC, NOC, Operations Center)
  • Ability to possess and maintain a U.S. Government/DoD Clearance 



  • Newtown Square, PA, USA






To harness the power of innovation, SAP invests in the development of its diverse employees. We aspire to leverage the qualities and appreciate the unique competencies that each person brings to the company.

SAP is committed to the principles of Equal Employment Opportunity and to providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team (Americas: Careers.NorthAmerica@sap.com or Careers.LatinAmerica@sap.com, APJ: Careers.APJ@sap.com, EMEA: Careers@sap.com). Requests for reasonable accommodation will be considered on a case-by-case basis.

EOE AA M/F/Vet/Disability:

Qualified applicants will receive consideration for employment without regard to their age, race, religion, national origin, gender, sexual orientation, gender identity, protected veteran status or disability.

Additional Locations :

Nearest Major Market: Philadelphia

Job Segment: ERP, Engineer, Developer, Computer Science, Security, Technology, Engineering


Posted: 2020-07-09 Expires: 2020-08-08

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Lead Security Engineer Job

Newtown Square, PA 19073

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast