SAP Cybersecurity Threat Management Specialist

Job Summary

The SAP Cybersecurity Threat Management Specialist will be responsible for identifying and mitigating security threats, managing vulnerabilities, and ensuring the organization's security posture is robust, especially within SAP environments.

Key Responsibilities:

• 
  
• Monitor, analyze, and respond to security incidents and anomalies within SAP environments using tools like SAP ETD, Onapsis, and SecurityBridge to detect and prevent security threats in real time.
  
• Perform proactive threat hunting and forensic analysis leveraging SAP ETD, SecurityBridge, and other threat detection tools to identify vulnerabilities and suspicious activity in SAP systems.
  
• Develop, refine, and tune detection mechanisms to address emerging and evolving threats within SAP environments, including SAP S/4HANA, ECC, and other related systems.
  
• Configure, implement, and manage SAP GRC Access Control and SAP GRC Process Control tools to support governance, risk management, and compliance initiatives across SAP landscapes.
  
• Lead the identification, monitoring, and remediation of security vulnerabilities in SAP systems, using Onapsis, SAP ETD, and SecurityBridge to assess and protect against threats, including unauthorized access, configuration issues, and compliance gaps.
  
• Conduct periodic security assessments, audits, and penetration testing on SAP systems, ensuring compliance with internal policies and industry standards.
  
• Collaborate with cross-functional teams to assess and prioritize security risks in SAP and non-SAP systems.
  
• Conduct risk assessments, threat modeling, and vulnerability scanning, providing actionable insights for mitigation and remediation.
  
• Lead or assist in cybersecurity incident investigations and root cause analysis, ensuring rapid detection and containment of threats using SAP ETD, Onapsis, and SecurityBridge etc.
  
• Generate and communicate detailed incident reports, including post-mortem analyses and actionable recommendations for improving security posture.
  
• Develop and test incident response plans and procedures, integrating SAP ETD, SecurityBridge, and other relevant tools into the response workflow.
  
• Manage and enhance the organization's SAP GRC Access Control and SAP GRC Process Control frameworks to ensure compliance with relevant regulations (e.g. GDPR, SOX, PCI-DSS) and industry standards.
  
• Use Onapsis and SAP GRC Process Control to continuously monitor SAP systems for compliance and risk management, ensuring alignment with governance and regulatory requirements.
  
• Support internal and external audits, ensuring security and compliance measures are met and providing necessary documentation and evidence.
  
• Apply a strong understanding of SAP Basis concepts (e.g. system architecture, user management, transport management, database management) to support security and risk mitigation efforts within SAP systems.
  
• Collaborate with Basis and technical teams to ensure secure configuration, integration, and management of SAP systems, including SAP S/4HANA, SAP ECC, and other related components.
  
• Stay up to date with emerging trends, threats, and best practices in cybersecurity, SAP security, and tools like SAP ETD, SAP GRC Access Control, SAP GRC Process Control, Onapsis, SecurityBridge, and SAP Basis.
  
• Advocate for the integration of security by design in SAP system implementations, updates, and customizations.
  
• Candidates should have a bachelor's degree in Information Technology, Computer Science or related discipline and at least 12 years of experience in information security, cybersecurity, or risk management, with a focus on SAP threat detection and vulnerability management.
  
• Expertise in SAP GRC Access Control (including role management, segregation of duties (SoD), user provisioning) and SAP GRC Process Control (for continuous control monitoring and auditing).
  
• Strong understanding of SAP Basis concepts, including SAP system architecture, user management, transport management, and database management.
  
• Experience with technical SAP integration (e.g. RFC, ALE, IDocs, BAPIs) and securing SAP integration points.
  
• Hands-on experience with SAP ETD (Enterprise Threat Detection), Onapsis, and SecurityBridge for security monitoring and vulnerability management in SAP environments.
  
• Strong understanding of threat intelligence, security monitoring, and incident response processes.
  
• Experience with SIEM solutions (Splunk, ArcSight, QRadar) and other security technologies for real-time monitoring and threat detection.
  
• In-depth knowledge of network security, encryption, firewalls, and identity and access management (IAM).
  
• Familiarity with cybersecurity frameworks (NIST, ISO 27001, CIS) and regulatory compliance (GDPR, SOC 2, SOX, PCI-DSS).
  
• Experience in penetration testing or ethical hacking is a plus.
  
• Proven leadership ability, demonstrated executive presence and influence, ability to build client relationships, set and manage priorities judiciously, excellent written and oral communication skills, excellent interpersonal skills, ability to articulate ideas to both technical and non-technical audiences, exceptionally self-motivated and directed, superior analytical, evaluative, and problem-solving abilities, exceptional service orientation, ability to motivate in a team-oriented, collaborative environment.
  
• Certifications such as CISSP, CISM, CISA, SAP Certified Technology Associate in Security, or other relevant security certifications are a plus.
  
• Experience with cloud security (AWS, Azure, Google Cloud) and familiarity with DevSecOps principles and integration of security in agile development pipelines are preferred qualifications.
  
• Required Qualifications:
  
• Bachelor's degree in Information Technology, Computer Science or related discipline.
  
• At least 12 years of experience in information security, cybersecurity, or risk management, with a focus on SAP threat detection and vulnerability management.
  
• Expertise in SAP GRC Access Control and SAP GRC Process Control.
  
• Strong understanding of SAP Basis concepts and technical SAP integration.
  
• Hands-on experience with SAP ETD, Onapsis, and SecurityBridge.
  
• Strong understanding of threat intelligence, security monitoring, and incident response processes.
  
• Experience with SIEM solutions and other security technologies.
  
• In-depth knowledge of network security, encryption, firewalls, and IAM.
  
• Familiarity with cybersecurity frameworks and regulatory compliance.
  
• Experience in penetration testing or ethical hacking is a plus.
  
• Preferred Qualifications:
  
• Leadership competencies such as proven leadership ability, demonstrated executive presence and influence, ability to build client relationships, set and manage priorities judiciously, excellent written and oral communication skills, excellent interpersonal skills, ability to articulate ideas to both technical and non-technical audiences, exceptionally self-motivated and directed, superior analytical, evaluative, and problem-solving abilities, exceptional service orientation, ability to motivate in a team-oriented, collaborative environment.
  
• Certifications such as CISSP, CISM, CISA, SAP Certified Technology Associate in Security, or other relevant security certifications.
  
• Experience with cloud security (AWS, Azure, Google Cloud) and familiarity with DevSecOps principles and integration of security in agile development pipelines.
  
• LyondellBasell is an equal opportunity employer and does not discriminate on the basis of race, color, religion, gender, national origin, age, disability, or any other protected characteristic.
  
• LyondellBasell is committed to diversity and inclusion and is an affirmative action employer.
  
• LyondellBasell participates in E-Verify.
  
• LyondellBasell is a smoke-free workplace.