Expoint - all jobs in one place

SAP Senior Cybersecurity Threat Analyst 
Romania 
849234207

09.09.2024

Key Responsibilities include:

Threat Modeling and Remediation Planning:

  • Develop and maintain threat models to identify, assess, and mitigate potential security risks across the organization’s infrastructure.
  • Collaborate with cross-functional teams to understand business processes, systems, and data flows for accurate threat modeling.
  • Provide detailed remediation advice and planning to mitigate identified threats and vulnerabilities.
  • Work closely with the incident response team to ensure effective handling of security incidents based on threat models.

Threat Hunting and Detection:

  • Conduct proactive threat hunting activities to identify malicious activities, potential threats, and vulnerabilities within the organization’s network and systems.
  • Develop and implement new detection strategies and tools to identify and respond to emerging threats.
  • Analyze threat intelligence data to identify trends, patterns, and indicators of compromise (IOCs) to improve detection capabilities.
  • Regularly update detection mechanisms based on new intelligence and emerging threats.

Vulnerability Proof of Concept and Offensive Tooling Knowledge Transfer:

  • Perform proof of concept (PoC) testing on vulnerabilities to assess the potential impact and validate security controls.
  • Develop and document PoC scripts and methodologies for identified vulnerabilities to enhance understanding and response strategies.
  • Provide training and knowledge transfer to the blue team on offensive tooling, including the use and detection of tools used by adversaries.
  • Assist in the development of defensive tactics and techniques by leveraging insights gained from offensive tool usage.

Collaboration and Reporting:

  • Collaborate with the blue team and other security teams to enhance the organization’s overall security posture.
  • Prepare detailed reports and presentations on threat modeling, hunting activities, PoC findings, and detection proposals.
  • Communicate complex technical information to non-technical stakeholders to ensure a clear understanding of security risks and mitigation strategies.

Required Skills and Experience:

  • Bachelor’s degree in Computer Science, Information Security, or a related field; or equivalent experience.
  • 3+ years of experience in cybersecurity, with a focus on threat modeling, threat hunting, vulnerability assessment, or incident response.
  • Strong understanding of cybersecurity principles, threat landscapes, and offensive and defensive security techniques.
  • Hands-on experience with threat modeling methodologies, such as STRIDE, PASTA, or ATT&CK.
  • Proficiency in using cybersecurity tools for threat hunting, vulnerability assessment, and penetration testing (e.g., SIEM, IDS/IPS, EDR, Nmap, Metasploit, etc.).
  • Experience in developing and conducting proofs of concept for vulnerabilities and security controls.
  • Familiarity with offensive security tools and techniques, such as exploitation frameworks, malware analysis, and red teaming.
  • Strong analytical and problem-solving skills with the ability to think like an adversary.
  • Excellent communication skills, with the ability to articulate complex security issues to diverse audiences.

Preferred Skills:

  • Relevant cybersecurity certifications (e.g., CISSP, CEH, OSCP, GCIH, etc.).
  • Experience with scripting and automation (e.g., Python, PowerShell, Bash).
  • Knowledge of cloud security and securing cloud-based environments (AWS, Azure, GCP).
  • Experience working in a SOC or with incident response teams.


Job Segment: Cloud, ERP, Testing, Cyber Security, Computer Science, Technology, Security