Security Operations Manager
  • United Arab Emirates Dubai
  • Chalhoub Group
31.01.2024
Protect and Defend
Incident Response
Job Description

INSPIRE | EXHILARATE | DELIGHT


For over six decades, Chalhoub Group has been a partner and creator of luxury experiences in the Middle East. The Group, in its endeavour to excel as a hybrid retailer, has reinforced its distribution and marketing services with a portfolio of eight owned brands and over 300 international brands in the luxury, beauty, fashion, and art de vivre categories. More recently, the Group expanded its expertise into new categories of luxury watches, jewelry, and eyewear.


Every step at Chalhoub Group is taken with the customer at heart. Be it constantly reinventing itself or focusing on innovation to provide luxury experiences at over 750 experiential retail stores, online and through mobile apps, each touch point leads to delighting the customer.


Today, Chalhoub Group stands for 14,000 skilled and talented professionals across seven countries, whose cohesive efforts have resulted in the Group being ranked third in the Middle East and first in Saudi Arabia as a Great Place to Work®.


This is a fantastic opportunity for a Security Professional to join a leading retail group in the Middle East, working as part of the IT Services team. The candidate will work in the Tech Security team to support and expand the Tech Security function in the security operations, threat hunting and vulnerability management domains.


Purpose of the role

Safeguards information system assets by identifying and solving potential and actual security problems. The Security Operations Manager role has a broad range of responsibilities, with a primary emphasis on incident response, threat and event monitoring and vulnerability management.


What you'll be doing

Develop and revise processes to strengthen the current operating model for Security Operations, review and develop relevant policies, procedures, and runbooks to address emerging and changing threats.
Responsible for IT security incident response and ensuring security incidents are logged, escalated, and responded to in line with SLAs defined for SOC services.
Act as the primary point of contact for security-related incidents, invoke CSIRT for critical incidents and engage DFIR partner as and when required.
For major incidents provide central oversight and communication to IT Leadership, Business Leadership, and relevant external stakeholders on security risk and mitigation strategies.
Monitor the Managed Security Service Provider (MSSP) and identify any areas of improvement by producing relevant KPIs and metrics. Report to Senior IT Management with recommendations on how to improve services.
Work closely with MSSP and internal stakeholders to ensure the effectiveness of SIEM, use cases, consistency and coverage of the critical platform monitoring under SOC, and timely closure of the security incidents.
Manage the interaction between MSSP and internal tech/operations teams and ensure a smooth flow of incident tickets and remediation activities.
Develop clear and concise operational reporting metrics including KRIs (key risk indicators) for technical teams and senior management reporting.
Develop and maintain incident response plans and ensure they are regularly tested and updated.
Stay up to date on the latest security regulations, advisories, alerts, and vulnerabilities and communicate to the technical and business stakeholders as necessary.
Lead and own vulnerability management covering the end-to-end lifecycle (identification, investigation, response, and remediation). Develop and maintain vulnerability management process, and SLAs for remediation and reporting metrics.
Work closely with MSSP’s vulnerability management team, internal tech service owners and product managers to ensure any vulnerabilities are assigned and remediated in a timely manner.
Oversight, planning and execution of any required VAPT tests, forensic audits, or related investigations.
Build and maintain a positive working relationship with the service providers.


What you'll need to succeed

Bachelor's or master's degree in computer science or a related discipline.
One or more information security certifications (e.g., GSOC, CISSP, CISM, cloud security certifications, etc.).
5-8 years or more experience of working in multiple IT Security domains in a large organization, preferably in the retail industry.
3 years or more experience of managing security operations and working with security service providers.
Strong knowledge and experience of implementing security automation tools and techniques in a hybrid, multi-cloud environment.
Strong understanding of security risk management and experience of writing security risks identified from security incident and vulnerability management.
Solid understanding of security threat management frameworks and attack/defense techniques, including MITRE ATT&CK and OWASP.
Practical knowledge of security defense techniques for E-Commerce web and mobile applications, cloud platforms, network infrastructure, end user computing and APIs.
Ability to explain complex technical concepts and operational data / reports (e.g. incident and vulnerability remediation trends) to non-technical audiences, combined with excellent communication, presentation and organizational skills.
Knowledge of security and privacy standards and frameworks including ISO 27001, PCI DSS, GDPR etc.
Demonstrably self-motivated, proactive and action-oriented in meeting deadlines.


What we can offer you

With us, you will turn your aspirations into reality. We will help shape your journey through enriching experiences, learning and development opportunities and exposure to different assignments within your role or through internal mobility. Our Group offers diverse career paths for those who are extraordinary, every day.


We recognise the value that you bring, and we strive to provide a competitive benefits package which includes health care, child education contribution, remote and flexible working policies as well as exclusive employee discounts.


We Invite All Applicants to Apply

It takes diversity of thought, culture, background, differing abilities and perspectives to truly inspire, exhilarate and delight our customers. At Chalhoub Group, we are committed to inclusion and diversity.


We welcome all applicants to apply and be part of our exciting future. We ensure equal opportunity for all our applicants without regard to gender, age, race, religion, national origin or disability status.


Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0041   Knowledge of incident categories, incident responses, and timelines for responses.
  • K0042   Knowledge of incident response and handling methodologies.
  • K0046   Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • K0230   Knowledge of cloud service models and how those models can limit incident response.

Required Skills
  • S0077   Skill in securing network communications.
  • S0078   Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • S0173   Skill in using security event correlation tools.
  • S0365   Skill to design incident response for cloud service models.

Required Abilities
  • A0121  Ability to design incident response for cloud service models.
  • A0128  Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.