Expert Cyber Threat Intelligence Analyst

SAP is seeking a Expert Cyber Threat Intelligence Analyst (f/m/d) to join SAP's Cyber Intelligence & Threat Hunting (CITH) team with the position located in Germany. You will operate in a unique role that bridges strategic and operational intelligence, providing expertise-derived insight that directly supports both executive decision-making and frontline security operations. In the Strategic Intelligence service you will apply a strong understanding of global geopolitics, nation-state behavior, and macro threat trends to research, author, and brief intelligence assessments that contextualize cyber threats within the organization's global business interests. Your analysis will inform leadership on emerging risks, geopolitical drivers of cyber activity, and potential impacts to regional operations, partnerships, and supply chains, enabling data-driven decisions at the executive and business-unit level. Liaising with European and other global information sharing partners-both as a consumer and producer of actionable intelligence--will be a critical function of this position.

In parallel, you will support the Operational Intelligence service by translating strategic insights into actionable intelligence that strengthens detection and response capabilities. You will conduct deep, methodical research into adversary tactics, techniques, and procedures (TTPs)-including those used by APT and financially motivated actors-to enable intelligence-driven threat detection and proactive defense. Working closely with Threat Hunting, Incident Recovery and Response (IRR), and the Threat Informed Detection Engineering (TIDE) team, you will help identify detection gaps, help develop hypotheses for proactive hunts, and enrich investigations with high-confidence intelligence, ensuring intelligence efforts remain tightly aligned and actionable enabling cross-organizational security teams. Lastly, as a Senior Cyber Threat Intelligence Analyst you will be expected to serve as a mentor and support colleagues in their growth as cyber intelligence professionals and be the consummate teammate., * Translate business information needs to priority intelligence requirements (PIRs).

• Integrate geopolitical insights with cyber threat intelligence to assess potential impacts on organizational operations and assets.
• Coordinate with SAP Lines of Business (LOBs) stakeholders to ensure cyber intelligence requirements are being met.
• Support incident response providing threat intelligence contextualization during active incident investigations.
• Track and assess threats targeting modern enterprise environments, including cloud platforms (AWS, Azure, GCP), identity providers (Entra ID, Okta), SaaS applications, and software supply chains.
• Actively participate in Europe-based information sharing groups and lead expansion efforts of SAP membership in high-value information sharing communities within EU.
• Author technical reports on adversary behavioral tradecraft to support threat hunting and detection engineering.
• Develop highly polished intelligence reports utilizing graphics, charts, and impactful illustrations to distill complex geopolitical trends into actionable intelligence.

• Degree in Cybersecurity, Information Technology, Computer Science, National Security Studies, Political Science, Foreign Area Studies, or relevant on the job expertise.
• 7+ years of related professional experience as a Cyber Threat Intelligence Analyst.
• Experience using SOAR platforms to automate end-to-end intelligence workflows.
• Excellent report writing skills with the ability to create clear, concise, and impactful intelligence reports incorporating graphics and visualizations.
• Exceptional communication skills in English, both written and verbal, to effectively convey technical information to non-technical stakeholders. German skills highly beneficial.
• Good understanding of the intelligence lifecycle and associated analytic frameworks (Cyber Kill Chain, Diamond Model, ATT&CK, etc.), * Certifications such as Certified Threat Intelligence Analyst (CTIA), Certified Information Systems Security Professional (CISSP), or equivalent.
• Professional work experience in German state or federal law enforcement, security agency, or military unit in a cyber-related billet.
• Experience with threat intelligence platforms, SIEM platforms, and various security vendor portals/platforms.
• Familiarity with regulatory requirements and industry standards related to cybersecurity and data protection.
• Familiarity with utilizing AI agents to introduce efficiencies in intelligence collection and analysis workflows.
• Active membership in Germany and/or EU based information-sharing partnerships.
• Knowledge of programming or scripting languages (e.g., Python, PowerShell) for automation and data analysis.

At SAP, we keep it simple: you bring your best to us, and we'll bring out the best in you. We're builders touching over 20 industries and 80% of global commerce, and we need your unique talents to help shape what's next. The work is challenging - but it matters. You'll find a place where you can be yourself, prioritize your wellbeing, and truly belong. What's in it for you? Constant learning, skill growth, great benefits, and a team that wants you to grow and succeed., SAP innovations help more than four hundred thousand customers worldwide work together more efficiently and use business insight more effectively. Originally known for leadership in enterprise resource planning (ERP) software, SAP has evolved to become a market leader in end-to-end business application software and related services for database, analytics, intelligent technologies, and experience management. As a cloud company with two hundred million users and more than one hundred thousand employees worldwide, we are purpose-driven and future-focused, with a highly collaborative team ethic and commitment to personal development. Whether connecting global industries, people, or platforms, we help ensure every challenge gets the solution it deserves. At SAP, you can bring out your best. We win with inclusion SAP's culture of inclusion, focus on health and well-being, and flexible working models help ensure that everyone - regardless of background - feels included and can run at their best. At SAP, we believe we are made stronger by the unique capabilities and qualities that each person brings to our company, and we invest in our employees to inspire confidence and help everyone realize their full potential. We ultimately believe in unleashing all talent and creating a better world. SAP is committed to the values of Equal Employment Opportunity and provides accessibility accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with SAP and are in need of accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to Recruiting Operations Team: Careers@sap.com.