Salary Range $119,000 - $155,000*
Job Description:
Who We Are:
Saks is a world-renowned luxury ecommerce destination. The company’s unique approach combines a focus on the digital customer experience with a strong connection to a network of extraordinary stores that extends that seamless experience into the real world.
On its website and app, Saks offers an unparalleled selection of curated merchandise across fashion for women and men, beauty, jewelry, home décor and more. In addition to the shopping experience, customers come to Saks for inspiring editorial content, access to digital stylists, lifestyle experiences and other world-class services.
Role Summary:
A highly motivated Cybersecurity Manager within the Cyber Security Operations Center (CSOC) with expertise in Security Information and Event Management (SIEM), particularly Sumo Logic. This role involves monitoring, analyzing, and responding to security threats and incidents, while also managing partnerships with Managed Detection and Response (MDR) partners. The goal is to ensure alignment with our security objectives, service level agreements (SLAs), and compliance requirements.
Role Description:
Leadership and Mentoring:
Lead and mentor a team of security analysts, providing guidance and support.
Define and implement processes for collaboration between in-house CSOC teams and MDR.
Prepare and present regular reports on security incidents, trends, and performance metrics.
Provide recommendations for improvements based on analysis of security incidents and trends.
Lead training sessions and workshops to enhance the skill set of the team.
Act as a subject matter expert (SME) on security incidents and SIEM best practices.
Collaborate with Managed Detection and Response providers
Oversee and manage relationships with Managed Detection and Response Providers (MDRs) to ensure they effectively deliver the agreed-upon services.
Monitor MDR activities to ensure compliance with Service Level Agreements (SLAs) and contractual obligations.
Evaluate reports, alerts, and threat intelligence provided by MDRs for accuracy and relevance.
Serve as the primary point of contact for MDRs, ensuring clear communication of organizational priorities and requirements.
Regularly review MDR performance metrics and conduct quarterly business reviews (QBRs).
Incident Investigation and Response:
Lead the investigation of complex security incidents, including data breaches, malware infections, and unauthorized access.
Perform detailed forensic analysis of compromised systems and networks.
Coordinate incident response efforts with cross-functional teams to contain and mitigate threats.
Document and report on security incidents, findings, and recommendations.
Threat Intelligence and Analysis:
Gather, analyze, and disseminate threat intelligence from multiple sources (e.g., open-source, commercial feeds, ISACs).
Utilize threat intelligence to identify and prioritize potential threats to the organization.
Conduct threat hunting activities to proactively identify security risks and vulnerabilities.
Collaborate with threat intelligence partners and communities to stay updated on the latest threats and trends
Key Qualifications:
Bachelor’s degree in Computer Science, Information Security, or related field. Advanced degree preferred.
Minimum of 5-8 years of experience in a SOC or CSOC role with a focus on SIEM, incident response, SOAR, and threat intelligence.
Professional certifications such as CISSP, CISM, GIAC (GCIH, GCIA, GCFA), CEH, or similar.
Experience with cloud security platforms and technologies (AWS and Azure)
Familiarity with scripting and programming languages (e.g., Python, PowerShell)
Knowledge of Cloud IDP solutions (e.g. Sailpoint, Okta, Azure etc)
Experience with large scale and complex incidents of all types to include APT, DDOS, ransomware, web/mobile compromise, account compromise, data disclosures, etc.
Experience in network intrusion detection, including experience using common network monitoring tools - IDS, IPS, SIEM and Syslog
Understanding of common network vulnerabilities and penetration testing tools including but not limited to Metasploit, Qualys, Nessus, and Nmap
Knowledge of Log analysis, correlate events and identify indicators of threat activity via SIEM Tools; such as Sumo Logic
Knowledge of EDR Tools, triage investigation; CrowdStrike
Knowledge of Email Security, Phishing/Malware Email Analysis, Data Loss Prevention
Demonstrated ability to perform independent analysis of complex problems and distill relevant findings and root causes
A broad and deep understanding of cyber-security threats, vulnerabilities, controls, and remediation strategies in global enterprise environments
Knowledge of technologies, systems, and networks as well as typical gaps that could impact the ability of an organization to effectively detect and respond to cyber attacks
Demonstrated knowledge of common adversary tactics, techniques, and procedures
Strong foundational knowledge in information technology, to include hardware, networking, architecture, protocols, files systems and operating systems.
The use of host and network forensic methods and tools
The application of threat intelligence in incident response and forensic investigations
Malware analysis and comprehension of attack methodologies
Navigating and querying enterprise logging solutions to extract and manipulate data
Analyzing network, host, and user activity data to detect irregularities
Excellent analytical, problem-solving, and decision-making skills.
Strong written and verbal communication skills.
Ability to work in a fast-paced, high-pressure environment and manage multiple priorities effectively.
Your Life and Career at Saks:
Be a part of an entrepreneurial team hyper focused on massive growth
Convenient and collaborative modern offices in Lower Manhattan with onsite perks
Benefits package for all eligible full-time employees (including medical, vision and dental)
An amazing employee discount
Thank you for your interest in Saks. We look forward to reviewing your application.
Saks provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Saks complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Saks welcomes all applicants for this position. Should you be individually selected to participate in an assessment or selection process, accommodations are available upon request in relation to the materials or processes to be used.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Saks.com is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
*The above expected salary range may have some variability based upon factors including, but not limited to, a candidate’s overall experience, qualifications, and geographic location. If you are interested in the role, we encourage you to apply and, if selected to move forward in the interview process, you will have a chance to speak with our recruitment team regarding your specific salary expectations.