Lead SOC Analyst

Job Description:

Who We Are:

Saks is a world-renowned luxury ecommerce destination. The company’s unique approach combines a focus on the digital customer experience with a strong connection to a network of extraordinary stores that extends that seamless experience into the real world.

On its website and app, Saks offers an unparalleled selection of curated merchandise across fashion for women and men, beauty, jewelry, home décor and more. In addition to the shopping experience, customers come to Saks for inspiring editorial content, access to digital stylists, lifestyle experiences and other world-class services.

Role Summary:

An experienced and highly motivated Lead Cyber Security Analyst with extensive expertise in Security Information and Event Management (SIEM) focusing, incident investigation, Security Orchestration, Automation, Response (SOAR), and threat intelligence. As a Lead Cyber Security Analyst, you will play a critical role in safeguarding our organization by monitoring, analyzing, and responding to security threats and incidents.

Role Description:

• SIEM Management and Optimization:

  • Configure, manage and fine-tune Sumo Logic SIEM to ensure effective monitoring and alerting of security events.

  • Develop and implement SIEM rules, correlation searches, and use cases within Sumo Logic to detect and respond to potential security threats.

  • Conduct regular health checks and performance tuning of the SIEM system.

• Incident Investigation and Response:

  • Lead the investigation of complex security incidents, including data breaches, malware infections, and unauthorized access.

  • Perform detailed forensic analysis of compromised systems and networks.

  • Coordinate incident response efforts with cross-functional teams to contain and mitigate threats.

  • Document and report on security incidents, findings, and recommendations.

• SOAR Integration and Automation:

  • Design, implement, and manage SOAR workflows to automate repetitive security tasks and streamline incident response processes.

  • Integrate SOAR solutions with existing security tools and platforms to enhance operational efficiency.

  • Develop playbooks for automated responses to various security scenarios.

• Threat Intelligence and Analysis:

  • Gather, analyze, and disseminate threat intelligence from multiple sources (e.g., open-source, commercial feeds, ISACs).

  • Utilize threat intelligence to identify and prioritize potential threats to the organization.

  • Conduct threat hunting activities to proactively identify security risks and vulnerabilities.

  • Collaborate with threat intelligence partners and communities to stay updated on the latest threats and trends.

• Endpoint Detection and Response (EDR):

• Deploy, manage, and monitor EDR solutions to detect and respond to endpoint threats.

• Analyze EDR alerts and take appropriate actions to mitigate threats.

• Conduct endpoint forensics and analyze malware to understand and neutralize threats.

• Mentoring and Leadership:

  • Oversee daily operations of the CSOC, ensuring efficient incident detection and response.

  • Lead and mentor a team of security analysts, providing guidance and support.

  • Prepare and present regular reports on security incidents, trends, and performance metrics.

  • Provide recommendations for improvements based on analysis of security incidents and trends.

  • Provide mentorship and guidance to junior analysts within the CSOC team.

  • Lead training sessions and workshops to enhance the skill set of the team.

  • Act as a subject matter expert (SME) on security incidents and SIEM/SOAR best practices.

Key Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field. Advanced degree preferred.

• Minimum of 4-6 years of experience in a SOC or CSOC role with a focus on SIEM, incident response, SOAR, and threat intelligence.

• Professional certifications such as CISSP, CISM, GIAC (GCIH, GCIA, GCFA), CEH, or similar.

• Proficiency in managing and optimizing Sumo Logic SIEM.

• Hands-on experience with SOAR platforms.

• Strong understanding of cyber threat intelligence frameworks and methodologies.

• Excellent analytical, problem-solving, and decision-making skills.

• Strong written and verbal communication skills.

• Ability to work in a fast-paced, high-pressure environment and manage multiple priorities effectively.

Preferred Skills:

• Experience with cloud security platforms and technologies (AWS and Azure).

• Knowledge of regulatory and compliance frameworks (e.g. PCI-DSS, ).

• Familiarity with scripting and programming languages (e.g., Python, PowerShell).

• Knowledge of Cloud IDP solutions (e.g. Okta, Azure etc)

Your Life and Career at Saks:

• Exposure to rewarding career advancement opportunities

  • A culture that promotes a healthy, fulfilling work/life balance

• Benefits package for all eligible full-time employees (including medical, vision and dental).

• An amazing employee discount

Thank you for your interest in Saks. We look forward to reviewing your application.

Saks provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Saks complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Saks welcomes all applicants for this position. Should you be individually selected to participate in an assessment or selection process, accommodations are available upon request in relation to the materials or processes to be used.

It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Saks.com is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.

• 
  The above expected salary range may have some variability based upon factors including, but not limited to, a candidate’s overall experience, qualifications, and geographic location. If you are interested in the role, we encourage you to apply and, if selected to move forward in the interview process, you will have a chance to speak with our recruitment team regarding your specific salary expectations.