Senior Analyst - Information Security

Job description / Role

INSPIRE | EXHILARATE | DELIGHT

For over six decades, Chalhoub Group has been a partner and creator of luxury experiences in the Middle East. The Group, in its endeavour to excel as a hybrid retailer, has reinforced its distribution and marketing services with a portfolio of eight owned brands and over 300 international brands in the luxury, beauty, fashion, and art de vivre categories. More recently, the Group expanded its expertise into new categories of luxury watches, jewellery, and eyewear.

Every step at Chalhoub Group is taken with the customer at heart. Be it constantly reinventing itself or focusing on innovation to provide luxury experiences at over 750+ experiential retail stores, online and through mobile apps, each touch point leads to delighting the customer.

We are seeking an experienced, hands-on security analyst with a deep understanding of the emerging cyber threats and vulnerabilities. As a Senior Security Analyst, you will be a key member of our information security team, responsible for monitoring, analysing, and responding to security alerts and incidents. You will play a critical role in maintaining the security posture of our organization through proactive threat detection, incident investigation, and collaboration with cross-functional teams.

What you'll be doing:

Security Incident Management

- Conduct and lead incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) resulting from security incidents consistent with Incident Response processes.
- Manage the day-to-day security operational tasks, including but not limited to reviewing security alerts which have been escalated on the Chalhoub environment.
- Recognise and review intrusion events and compromises through in-depth analysis of relevant event data.
- Responsible for documenting observations identified throughout an incident lifecycle and escalating where required to progress any blockers.
- Developing and revising Security Incident Response runbook/playbooks in line with emerging threat landscape.
- Provide Incident Response support for the organisation including at times where this may be outside of business hours.
- Provide a technical oversight in advanced capability during incidents and configuration changes.
- Conduct dynamic and static malware analysis on samples from incidents flagged where required.
- Understand and articulate emerging threats and incidents to different audiences, including technical, operations management, senior management and executives.
- Provide accurate, succinct, and sufficiently detailed documentation of work performed.
- Adhere to escalation and incident management processes and procedures.

Vulnerability Management

- Management of Vulnerability and Application Scanning performed by external vendors and ensuring actions are being followed up.
- Performing analysis including non-technical explanations on Vulnerability Management reports and escalating accordingly where required.
- Provide coaching and mentoring for other technical teams on technologies and vulnerability remediation as required.

Security Engineering

- Monitor and analyse the results of advice originating from the MSSP based on Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), and Security Incident and Event Management (SIEM) toolset information to identify and manage security incident remediation.
- Provide enhancement to use cases and operational efficiency across the security environment.
- Respond to, report on, and track security events reported to the SIEM, system and event logs, and other sources that have been correlated by Symantec Managed SIEM Service which require further analysis.

Security Enhancement and Optimisations

- Implement security improvements by assessing current situation; evaluating trends; anticipating requirements.
- Monitor external event sources for security intelligence and actionable events/incidents.
- Work with the Security Operations Manager to develop Security services and service improvement activities.
- Maintain and improve personal knowledge of the technology landscape of the group.
- Interact efficiently with other team members to sustain a highly technical environment and sharing knowledge regularly.
- Ability to clearly articulate cyber security risks against business outcomes and provide advice on the remedial actions that should be undertaken.
- Provide advice and guidance to teams around threats, vulnerabilities, and security changes.

Requirements

What You'll Need To Succeed

- 3 or more years of managing security operations (preferably in the retail industry) and working with security service providers.
- Strong knowledge and experience of implementing security automation tools and techniques in a hybrid, multi-cloud environment.
- Strong understanding of security risk management and experience of writing security risks identified from security incidents and vulnerability management.
- Comprehensive understanding of the MITRE ATT&CK framework and common tactics used by Threat Actors to perform cyber-attacks.
- Deep understanding of Email Security and performing header analysis to identify Indicators of Compromise (IOC) in addition to technical control failures post-delivery.
- Practical knowledge of security defense techniques for E-Commerce web and mobile applications, cloud platforms, network infrastructure, end user computing and APIs.
- Ability to explain technical complex concepts and operational data / reports (e.g., incident and vulnerability remediation trends) to non-technical audiences combined with excellent communication, presentation and organizational skills.
- Knowledge of security and privacy standards as well as frameworks including ISO 27001, PCI DSS, GDPR etc.
- Demonstrably self-motivated, pro-active, action orientated to achieve deadlines.
- Able to perform end to end incident response activities for common threats independently.
- Technical expertise on security technologies such as SentinelOne, Firewalls and proxy servers.
- Experienced with log onboarding, ingestion, and optimization of use cases.
- Communicate effectively to both technical and non-technical audience in highlighting cyber security risks and incidents.
- Develop a strong relationship with internal stakeholders, ensuring security risks highlighted are tracked to mitigation.

What we can offer you

With us, you will turn your aspirations into reality. We will help shape your journey through enriching experiences, learning and development opportunities and exposure to different assignments within your role or through internal mobility. Our Group offers diverse career paths for those who are extraordinary, every day.

We recognise the value that you bring, and we strive to provide a competitive benefits package which includes health care, child education contribution, remote and flexible working policies as well as exclusive employee discounts.

About the Company

The Chalhoub Group is the leading partner for luxury across the Middle East since 1955. As an expert in retail, distribution and marketing services based in Dubai, the group has become a major player in the fashion, beauty and gift sectors regionally.

By blending its Middle East expertise and intimate knowledge of luxury, Chalhoub Group is building brands in the region, by offering service excellence to all its partners and a unique experience to its customers through its passionate teams.

With a growing workforce of more than 9,000 people, implemented in 14 countries, as well as the operating of over 470 retail outlets, the group's success is attributed to its most valued asset of highly skilled and dedicated teams. Professionalism and passion are what fuel the Chalhoub Group's competitive edge in today's market.

By being committed to implementing sustainable practices into their business, the Chalhoub Group has been awarded in 2013 the CSR Label from the Dubai Chamber of Commerce.