Data Platform SIEM Engineer (Splunk)

We help the world run better

At SAP, we enable you to bring out your best. Our company culture is focused on collaboration and a shared passion to help the world run better. How? We focus every day on building the foundation for tomorrow and creating a workplace that embraces differences, values flexibility, and is aligned to our purpose-driven and future-focused work. We offer a highly collaborative, caring team environment with a strong focus on learning and development, recognition for your individual contributions, and a variety of benefit options for you to choose from.

The Role

As a Data Platform SIEM Engineer, you will play a crucial role in advancing the development, maintenance, and configuration of SAP's global logging and monitoring ecosystem. Your expertise in Splunk and other SIEM platforms will be vital in maintaining the infrastructure that supports our global Detection Platform. Collaborating with key stakeholders, you'll gather requirements, ensure seamless implementation, and serve as a point of escalation for system outages. Additionally, mentoring Operations staff and promoting data hygiene and quality will be critical components of your day-to-day responsibilities. Your efforts in building new capabilities, optimizing existing systems, and thorough documentation will ensure sustainability for future team members.

About Us :

The Data Platform Engineering Team is responsible for developing the SIEM platform used across partner organizations for Incident Response, Cyber Threat Intelligence, and Vulnerability Management within SAP's lines-of-business. Our platform serves as the central investigative tool for both the Cyber Defense & Design team and SAP's lines-of-business, enhancing their ability to analyze suspicious activities comprehensively. Additionally, it supports IT Operations workloads, enabling proactive monitoring and compliance.

Key Qualifications :

• Experience with data tools such as Splunk, Cribl, and ELK; familiarity with standard data formats (JSON, CSV, syslog) and proficiency in regex / transforms / grok rules.
• Proficiency in GitHub VCS fundamentals and integration with CI / CD tools (e.g., Jenkins, GitHub Actions).
• Strong network design and troubleshooting skills, including DNS.
• Linux administration skills, including knowledge of bash, GNU CLI tools, and subsystems like systemd; ability to explain Linux concepts such as filesystems, kernel tuning, and boot processes.
• Experience managing AWS hyperscalers, particularly EC2, Route53, Lambda, VPC, and S3.

Desirable Skills :

Bring out your best

SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best.