What You’ll Be Doing
Security Incident Management
Conduct and lead incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) resulting from security incidents consistent with Incident Response processes.
Manage the day-to-day security operational tasks, including but not limited to reviewing security alerts which have been escalated on the Chalhoub environment.
Recognise and review intrusion events and compromises through in-depth analysis of relevant event data.
Responsible for documenting observations identified throughout an incident lifecycle and escalating where required to progress any blockers.
Develop and revise Security Incident Response runbooks/playbooks in line with the emerging threat landscape.
Provide Incident Response support for the organisation including at times where this may be outside of business hours.
Provide technical oversight and advanced capability during incidents and configuration changes.
Conduct dynamic and static malware analysis on samples from incidents flagged where required.
Understand and articulate emerging threats and incidents to different audiences, including technical, operations management, senior management and executives.
Provide accurate, succinct, and sufficiently detailed documentation of work performed.
Adhere to escalation and incident management processes and procedures.
Manage vulnerability and application scanning performed by external vendors and ensure that resulting actions are followed up.
Analyse vulnerability management reports, including providing non-technical explanations, and escalate where required.
Provide coaching and mentoring for other technical teams on technologies and vulnerability remediation as required.
Monitor and analyse the results of advice originating from the MSSP based on Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), and Security Incident and Event Management (SIEM) toolset information to identify and manage security incident remediation.
Enhance detection use cases and operational efficiency across the security environment.
Respond to, report on, and track security events reported to the SIEM, system and event logs, and other sources that have been correlated by the Symantec Managed SIEM Service and require further analysis.
Security Enhancement and Optimisations
Implement security improvements by assessing the current situation, evaluating trends and anticipating requirements.
Monitor external event sources for security intelligence and actionable events/incidents.
Work with the Security Operations Manager to develop Security services and service improvement activities.
Maintain and improve personal knowledge of the technology landscape of the group.
Interact efficiently with other team members to sustain a highly technical environment and share knowledge regularly.
Ability to clearly articulate cyber security risks against business outcomes and provide advice on the remedial actions that should be undertaken.
Provide advice and guidance to teams around threats, vulnerabilities, and security changes.
What You’ll Need To Succeed
3 or more years of managing security operations (preferably in the retail industry) and working with security service providers.
Strong knowledge and experience of implementing security automation tools and techniques in a hybrid, multi-cloud environment.
Strong understanding of security risk management and experience of writing up security risks identified from security incidents and vulnerability management.
Comprehensive understanding of the MITRE ATT&CK framework and common tactics used by Threat Actors to perform cyber-attacks.
Deep understanding of Email Security and performing header analysis to identify Indicators of Compromise (IOC) in addition to technical control failures post-delivery.
Practical knowledge of security defense techniques for E-Commerce web and mobile applications, cloud platforms, network infrastructure, end user computing and APIs.
Ability to explain complex technical concepts and operational data/reports (e.g., incident and vulnerability remediation trends) to non-technical audiences, combined with excellent communication, presentation and organisational skills.
Knowledge of security and privacy standards as well as frameworks including ISO 27001, PCI DSS, GDPR etc.
Demonstrably self-motivated, proactive and action-oriented in meeting deadlines.
Able to perform end-to-end incident response activities for common threats independently.
Technical expertise on security technologies such as SentinelOne, Firewalls and proxy servers.
Experienced with log onboarding, ingestion, and optimization of use cases.
Communicate effectively with both technical and non-technical audiences when highlighting cyber security risks and incidents.
Develop a strong relationship with internal stakeholders, ensuring security risks highlighted are tracked to mitigation.
We are Chalhoub Group, a leading partner for luxury across the Middle East for over 60 years. By blending our Middle East expertise, deep understanding of the local customer and intimate knowledge of luxury, we're dedicated to making every customer experience unforgettable. For over six decades, Chalhoub Group has been a partner and creator of luxury experiences in the Middle East. The Group, in its endeavour to excel as a hybrid retailer, has reinforced its distribution and marketing services with a portfolio of eight owned brands and over 300 international brands in the luxury, beauty, fashion, and art de vivre categories. More recently, the Group expanded its expertise into the new categories of luxury watches, jewellery, and eyewear. Every step at Chalhoub Group is taken with the customer at heart. Be it constantly reinventing itself or focusing on innovation to provide luxury experiences at more than 750 experiential retail stores, online and through mobile apps, each touch point leads to delighting the customer. Today, Chalhoub Group stands for 14,000 skilled and talented professionals across seven countries, whose cohesive efforts have resulted in the Group being ranked third in the Middle East and first in Saudi Arabia as a Great Place to Work. To keep the innovation journey going, the Group has set up The Greenhouse, which is not just an innovation hub but also an incubator space and accelerator for start-ups and small businesses in the region and internationally. This is just one of several initiatives taken by the Group to reinvent itself, catalysed by forward thinking and future proofing. The Group has also been embedding sustainability at the core of its business strategy with a clear commitment towards people, partners and the planet, and by being a member of the United Nations Global Compact Community and a signatory of the Women's Empowerment Principles.