Senior Analyst - Information Security

Country : United Arab Emirates

Region : Dubai

Town : DUBAI

Category : Finance

Contract type : Permanent

Availability : Full time

Job description


For over six decades, Chalhoub Group has been a partner and creator of luxury experiences in the Middle East. The Group, in its endeavour to excel as a hybrid retailer, has reinforced its distribution and marketing services with a portfolio of eight owned brands and over 300 international brands in the luxury, beauty, fashion, and art de vivre categories. More recently, the Group expanded its expertise into new categories of luxury watches, jewellery, and eyewear.

Every step at Chalhoub Group is taken with the customer at heart. Be it constantly reinventing itself or focusing on innovation to provide luxury experiences at over 750 experiential retail stores, online and through mobile apps, each touch point leads to delighting the customer.

We are seeking an experienced, hands-on security analyst with a deep understanding of emerging cyber threats and vulnerabilities. As a Senior Security Analyst, you will be a key member of our information security team, responsible for monitoring, analysing, and responding to security alerts and incidents. You will play a critical role in maintaining the security posture of our organization through proactive threat detection, incident investigation, and collaboration with cross-functional teams.

What you'll be doing:

Security Incident Management

  • Conduct and lead incident response activities (triage, root cause analysis, escalations, notifications, communication, etc.) resulting from security incidents consistent with Incident Response processes.
  • Manage the day-to-day security operational tasks, including but not limited to reviewing security alerts which have been escalated on the Chalhoub environment.
  • Recognise and review intrusion events and compromises through in-depth analysis of relevant event data.
  • Document observations identified throughout an incident lifecycle and escalate where required to progress any blockers.
  • Develop and revise Security Incident Response runbooks/playbooks in line with the emerging threat landscape.
  • Provide Incident Response support for the organisation, including at times outside of business hours.
  • Provide advanced technical oversight during incidents and configuration changes.
  • Conduct dynamic and static malware analysis on samples from incidents flagged where required.
  • Understand and articulate emerging threats and incidents to different audiences, including technical, operations management, senior management and executives.
  • Provide accurate, succinct, and sufficiently detailed documentation of work performed.
  • Adhere to escalation and incident management processes and procedures.

Vulnerability Management

  • Management of Vulnerability and Application Scanning performed by external vendors and ensuring actions are being followed up.
  • Performing analysis including non-technical explanations on Vulnerability Management reports and escalating accordingly where required.
  • Provide coaching and mentoring for other technical teams on technologies and vulnerability remediation as required.

Security Engineering

  • Monitor and analyse the results of advice originating from the MSSP based on Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), and Security Information and Event Management (SIEM) toolset information to identify and manage security incident remediation.
  • Provide enhancement to use cases and operational efficiency across the security environment.
  • Respond to, report on, and track security events reported to the SIEM, system and event logs, and other sources that have been correlated by Symantec Managed SIEM Service which require further analysis.

Security Enhancement and Optimisations

  • Implement security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
  • Monitor external event sources for security intelligence and actionable events/incidents.
  • Work with the Security Operations Manager to develop Security services and service improvement activities.
  • Maintain and improve personal knowledge of the technology landscape of the group.
  • Interact efficiently with other team members to sustain a highly technical environment and share knowledge regularly.
  • Clearly articulate cyber security risks against business outcomes and provide advice on the remedial actions that should be undertaken.
  • Provide advice and guidance to teams around threats, vulnerabilities, and security changes.

What You'll Need To Succeed

  • 3 or more years of managing security operations (preferably in the retail industry) and working with security service providers.
  • Strong knowledge and experience of implementing security automation tools and techniques in a hybrid, multi-cloud environment.
  • Strong understanding of security risk management and experience of writing security risks identified from security incidents and vulnerability management.
  • Comprehensive understanding of the MITRE ATT&CK framework and common tactics used by Threat Actors to perform cyber-attacks.
  • Deep understanding of Email Security and performing header analysis to identify Indicators of Compromise (IOC) in addition to technical control failures post-delivery.
  • Practical knowledge of security defense techniques for E-Commerce web and mobile applications, cloud platforms, network infrastructure, end user computing and APIs.
  • Ability to explain complex technical concepts and operational data / reports (e.g., incident and vulnerability remediation trends) to non-technical audiences, combined with excellent communication, presentation and organizational skills.
  • Knowledge of security and privacy standards as well as frameworks including ISO 27001, PCI DSS, GDPR etc.
  • Demonstrably self-motivated, proactive, and action-oriented in meeting deadlines.
  • Able to perform end to end incident response activities for common threats independently.
  • Technical expertise on security technologies such as SentinelOne, Firewalls and proxy servers.
  • Experienced with log onboarding, ingestion, and optimization of use cases.
  • Communicate effectively with both technical and non-technical audiences in highlighting cyber security risks and incidents.
  • Develop a strong relationship with internal stakeholders, ensuring security risks highlighted are tracked to mitigation.

What we can offer you

With us, you will turn your aspirations into reality. We will help shape your journey through enriching experiences, learning and development opportunities and exposure to different assignments within your role or through internal mobility. Our Group offers diverse career paths for those who are extraordinary, every day.

We recognise the value that you bring, and we strive to provide a competitive benefits package which includes health care, child education contribution, remote and flexible working policies as well as exclusive employee discounts.

We Invite All Applicants to Apply

It takes diversity of thought, culture, background, differing abilities and perspectives to truly inspire, exhilarate and delight our customers. At Chalhoub Group, we are committed to inclusion and diversity.

We welcome all applicants to apply and be part of our exciting future. We ensure equal opportunity for all our applicants without regard to gender, age, race, religion, national origin or disability status.