
AIM Qualifications and Assessment Group
Remote Jobs
Empowers futures
2 Jobs
• Perform advanced triage of alerts escalated from L1, determining true vs false positives.
• Investigate security events across endpoint, identity, network, and cloud telemetry.
• Correlate events and map adversary behavior to MITRE ATT&CK while enriching findings with relevant threat intelligence context.
• Execute or coordinate containment actions including host isolation (EDR), account disablement (Entra ID / IAM), and blocking indicators such as IPs, domains, or hashes.
• Partner with Incident Response teams on high-severity or multi-system incidents and document actions, timelines, and evidence with a clear chain of reasoning.
• Conduct hypothesis-driven threat hunting across endpoint, identity, and cloud datasets, particularly during evening shifts and on rotation.
• Provide structured feedback to Detection Engineering on false positives, detection gaps, and tuning opportunities.
• Design and develop end-to-end solutions in S/4HANA using Modern ABAP syntax.
• Build and maintain OData services using the ABAP RESTful Application Programming Model (RAP) for Fiori applications and external consumption.
• Design, develop, and monitor integration flows (iFlows) within the SAP Integration Suite.
• Collaborate with functional consultants to translate business requirements into technical specifications.