Cyber Defense Sr Specialist / Digital & Cloud Forensics Expert

SAP

6 - 10 years

25 - 30 Lacs

bengaluru

Posted:2 weeks ago| Platform:

Apply

Skills Required

sap linux analytical cloud forensic investigations windows information technology operations analytics auditing

Work Mode

Work from Office

Job Type

Full Time

Job Description

Conduct initial assessments and help drive root cause analysis.
Contribute to the development of attack remediation and response strategies.
Coordinate escalation handling and communication across teams.
Triage operational security processes, including phishing response.
Assist in maintaining and improving incident handling documentation such as playbooks, runbooks, and standard operating procedures.
Collaborate with Detection and SIEM teams to enhance detection logic and alert accuracy.
Support forensic investigations with technical insights and evidence collection.
Analysing cloud logs and telemetry for signs of compromise (e.g., CloudTrail, VPC Flow Logs, Azure Activity Logs).
Leverage your offensive knowledge to identify gaps, simulate attacks, and drive improvements in detection, response, and hardening strategies.
We value hands-on practitioners our environment includes sandboxing, red vs. blue testing, or adversary emulation frameworks (e.g., MITRE ATT&CK, CALDERA, Atomic Red Team) and opportunities to build tooling or simulate attack chains.

What you bring

We are seeking analytical and detail-oriented critical thinkers who are solution-focused and thrive in dynamic environments.
The ideal candidate should be a fast learner with the ability to adapt quickly and respond effectively to changing circumstances.
Preferred Technical Skills and Experience:
Experience of 8 14+ years in a cyber incident investigation role or equivalent combination of education, certifications, and relevant training.
Certifications - Industry-recognized certifications such as Security+, GCIA, GCIH, GCFA, GCFE, GREM, CISSP (or equivalent).
Strong understanding of Advanced Persistent Threat (APT) actors, their tools, techniques, and procedures (TTPs), as we'll as threat modelling frameworks.
Proficiency in TCP/IP communications and knowledge of core network protocols and applications such as DNS, HTTP, and SMB.
Security Infrastructure Tools: (SIEM, IDS, EDR, DNS, other Deception technologies)
Proficiency in scripting languages such as PowerShell, Python, or Bash.

Core Forensic Competencies:

Expertise in memory, disk, and file system forensics across multiple OS platforms (Windows, Linux, macOS).
Experience performing volatile memory acquisition and analysis (e.g., using Volatility, Plaso, Sleuth Kit, Velociraptor, KAPE).
Proficient in analysing logs, timelines, and system artifacts to reconstruct attacker activity.
Proficiency in forensic toolsets such as EnCase, FTK, X-Ways, Autopsy/other.
Knowledge of file carving, metadata analysis, and data recovery.

Cloud Forensics & Logging:

Experience analysing cloud logs (e.g., CloudTrail, Azure Activity Logs, GCP Audit Logs).
Familiarity with cloud storage and compute forensics (e.g., EC2, Lambda, S3, Blob Storage).
Ability to investigate container and orchestration layers (e.g., Docker, Kubernetes, EKS/AKS/GKE)

Where you belong

An SAP Global Cyber Senior Incident Response and Recovery Investigator plays a critical role in safeguarding SAP s digital enterprise
As a front-line defender, the Investigator is responsible for triaging security events identified by monitoring tools, analysing data to assess severity and urgency, and conducting initial evaluations to determine whether a cyberattack is underway
When a potential incident is identified, the Investigator works closely with Global Security Operations to scope the impact, coordinate containment efforts, and support forensic investigations to uncover the nature and details of the attack

More Jobs at SAP

BRIM CC Consultant-Bangalore/Gurgaon

Bengaluru

7 - 9 yrs

INR 17 - 19 Lacs

Senior Developer

Bengaluru

8 - 12 yrs

INR 45 - 50 Lacs

Senior Developer - C++

Bengaluru

5 - 8 yrs

INR 11 - 15 Lacs

Cloud and Backup Architect - SAP Enterprise Cloud Services

Bengaluru

10 - 15 yrs

INR 50 - 55 Lacs

Cloud ERP Adoption and Experience Office Expert

Gurugram, Haryana

5 - 5 yrs

Salary: Not disclosed

Mock Interview

Practice Video Interview with JobPe AI

Start Job-Specific Interview

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.