SAP Security Operations Engineer (m/f/d)<p>As an SAP Security Operations Engineer at Randstad Digital, you aren't just monitoring logs—you are the frontline defender of our client’s most critical business data. You will bridge the gap between traditional CyberSec and SAP Basis, ensuring that complex ERP landscapes are shielded against modern exploits, misconfigurations, and unauthorized access.</p><h3>Your Key Responsibilities</h3><p>In this role, you will lead the detection and response efforts for a high-stakes SAP environment:</p><ul><li><p>Detection & Rule Building: Create custom detection rules for SAP application and infrastructure layers to identify malicious activity and system misuse.</p></li><li><p>Monitoring & Telemetry: Oversee SAP logs, OS/AWS logs, and EDR telemetry (CrowdStrike) within SIEM dashboards (Splunk) to catch indicators of compromise.</p></li><li><p>Incident Response & Forensics: Perform triage and deep-dive investigations into SAP-related alerts, conducting forensic analysis across application and network layers.</p></li><li><p>Vulnerability Management: Monitor SAP HotNews, review system deviations, and recommend compensating controls for unpatched vulnerabilities.</p></li><li><p>Tool Optimization: Support and tune specialized security tools such as Onapsis, Pathlock, or RedSeal.</p></li><li><p>Reporting & Governance: Document monthly security health, KPIs, and audit logs to ensure continuous improvement of the security posture.</p></li></ul><h3>Your Profile</h3><p>We are looking for a hybrid professional who understands both the "Security" and "Basis" worlds.</p><ul><li><p>SAP Expertise: Strong grasp of SAP ERP security concepts (Security Audit Logs, RFC activity, roles/authorizations, and ABAP fundamentals).</p></li><li><p>SecOps Toolkit: Proven experience with Onapsis, Pathlock, Redshield as well as SIEM (Splunk), log analysis, and endpoint detection tools.</p></li><li><p>Infrastructure Knowledge: Familiarity with AWS cloud security architecture, network segmentation, and WAFs.</p></li><li><p>Legacy & Modern Systems: Ability to investigate OS-level threats on legacy systems and correlate them with SAP application behavior.</p></li><li><p>Technical Literacy: Proficient in scripting (Python, PowerShell, or Terraform) for automation and log enrichment.</p></li><li><p>Security Tools: Experience with CrowdStrike, Cloudflare, Qualys, or Fortinet is a significant advantage.</p></li></ul><h3>Why Randstad Digital?</h3><p>At Randstad Digital Switzerland, we offer you the opportunity to work on large-scale, high-impact projects with the backing of a global leader in technology talent.</p><ul><li><p>Professional Growth: Access to continuous learning and certifications.</p></li><li><p>Expert Community: Join a team of specialists who are redefining digital transformation.</p></li><li><p>Flexibility: Competitive Swiss employment conditions with modern hybrid working models.</p></li></ul><p>Due to urgency of this position, we are only able to accept applications from candidates based in Switzerland or from the EU</p>