SAP is a market leader in end-to-end business application software and related services. The Security Incident Response Analyst role involves real-time analysis and escalation coordination of cyber threat events, providing situational analysis of security alerts, and developing actionable remediation steps.
The Security Incident Response Analyst role will be dedicated to the real-time analysis and escalation coordination of detected cyber threat events and intelligence, supporting operational efforts around security detection and remediation with various system owners and other stakeholders, and ensuring real-time capability enhancement to respond to evolving threats.
The Security Incident Response Analyst role will be responsible for providing timely situational analysis of security alerts, escalating and tracking potential attacks for remediation by system owners, providing information on the potential impact to the environment's security posture, and developing actionable remediation steps where relevant.
The Security Incident Response Analyst role will work as an integrated part of the Security Incident Response Team, operating in a follow-the-sun model with members across the globe.
Candidates in this role will review and analyze identified security event alerts, information and security intelligence relevant to threats facing the systems, infrastructure, and resources critical to our clients.
They will use this information to determine validity and severity, provide remediation recommendations, and communicate this security event analysis to the system owners for remediation on a real-time basis, as well as tracking and reporting these activities.
Candidates should be experienced in analyzing cyber-attack attempts, threats and security intelligence; event tracking; and escalation management and reporting.
The ideal candidate would be expected to stay current with the latest security-related news and attack techniques, and to understand current vulnerabilities and their respective countermeasures.
Strong verbal and written communication skills with a high level of detail accuracy
Strong security background performing review and analysis of cyber-attacks and developing remediation recommendations
Creative problem-solving skills and the ability to apply knowledge to new, never-before-encountered scenarios, often under pressure
Takes an active part in the gathering, analysis, and communication of attack alerts identified by monitoring teams
Presents actionable analysis and recommendations on identified cyber alerts to system owners and leadership across business lines as necessary
Develops and modifies documentation detailing new and improved run-books for the threat analysis process and the eventual cataloging of indicators of attack by assessed impact to the environment
Ability to work easily with diverse and dynamic teams
Understanding of application architectures and application attack methodologies
Depth of knowledge in two or more of the core Security Operations and Incident Response domains, such as security triage, cyber threat hunting, security operations management, and incident investigation and response processes and procedures
Depth of knowledge in contemporary and legacy security technologies used within the Security Operations domain (such as SIEM technologies, ticketing and workflow orchestration, threat-intelligence platforms, active defense, use-case construction, cloud-based operations, etc.)
Current knowledge of security threat intelligence and recent attack vectors, including network, application and social methods
Understanding of or proficiency in information security and compliance regulations, frameworks and leading practices
Qualifications
Required
At least 2 years' experience in the field of security analysis, intelligence, engineering, architecture, operations and/or assurance functions
A degree from a recognized university in the sciences, engineering, information security, or related studies
Demonstrable experience in the area of time-critical cyber-attack event analysis, threat intelligence application, vulnerability analysis and event escalation
Demonstrable experience using monitoring tools to identify cyber security events or alerts indicating potential or active threats, intrusions, and/or compromises
Candidates must be willing to work on an on-call basis and to function independently at times
Preferred
Technical experience working with enterprise security technologies such as SIEM, antivirus/anti-malware, IDS, WAF and DDoS mitigation platforms
Specific operational knowledge of the Splunk and ServiceNow platforms
Experience utilizing Threat Intelligence Analysis
Understanding of back-channels typically used by actors for malicious activity (IRC, Dark Web)
Experience working on global/multicultural teams across different time zones
Benefits
SAP North America Benefits
SAP provides enterprise application software to various industries, including consumer, discrete manufacturing, public services. It is a sub-organization of Delos Cloud.
Founded in 1972
Walldorf, Baden-Wurttemberg, DEU
10001+ employees
https://www.sap.com