Beschreibung
Exp- 3-6 YearsLocation- Germany (Remote Option available)
Key Skills: Experience in design & development of ECS SIEM Architecture / ECS EDR Architecture, SIEM to SIEM integration, Endpoint Detection & Response tools (EDR), Project Management skills
Mandatory: CISSP certification
Job Description:
The SAP Enterprise Cloud Services (ECS) through the Chief Security Office, is driving a project to re-architect our Security Detection capabilities in the area of Endpoint Detection & Response (EDR) and Security Information & Event Management (SIEM). This new architecture aims to achieve better visibility end to end, increased detection capabilities, security operations and advanced engineering.
One of the main objectives is to bring the process to the state that all tools that generate security data as well as systems (90% Linux environment) are fully integrated.
It is expected that you work with Global SAP Security Teams, ECS Security Delivery and also ECS Technical Operations to coordinate the implementation of this project and the proposed timelines. You need to design with the Global Teams the way the configuration will be executed and to drive the support needed from all the teams involved in order for this to actually happen.
You will translate security concepts to actual step by step procedures that will be used by technical operations to implement agents, define routes, open ports, create communication channels, redefine types of logs etc.
You will work with Service Engineering teams to define a service where new customers will be able to consume logs through an API that will not expose ECS or SAP data in any way (SIEM to SIEM integration).
You will also advise about metrics that could be shared with customers and also how to define a service that will offer advanced security reporting to different customers from the private cloud environment they are using.
Deliverables-
Design and document the new ECS SIEM Architecture and work together with Global and Local teams on the rollout
Design an API-based concept to offer customers access to logs from their private cloud environment (SIEM to SIEM integration)
Design and document the new ECS EDR Architecture and work together with Global and Local teams on the rollout
Act as a Security Project Manager for these 2 initiatives and coordinate resources involved (especially from Technical Operations and Security Delivery team) to deliver the desired outcome
Deliver Executive Summaries (monthly) and Quarterly Business Reviews (QBRs) that will define the success of the initiatives and/or roadblocks/challenges encountered.
Skills-
5+ years of experience architecting SIEM tools and complex SIEM environments, from which 2+ years of experience working with Splunk Enterprise Security
3+ years of experience architecting Endpoint Detection & Response tools (EDR), from which Tanium experience is highly appreciated
Experience with a MSSP model in a public/private cloud environment - shared responsibility with customers
Strong Security Project Management skills
CISSP certification
Fluent Communication Skills (English)