Saks Global Senior CSOC Detection Engineer
- Employment: Full-Time
- Seniority: Senior
- Compensation: $108,000–138,000/year
- Department: IT & Technology Systems
- Posted: May 5, 2026
About Saks Global
Saks Global is a leading multi‑brand luxury retailer that operates flagship names including Saks Fifth Avenue, Neiman Marcus, Bergdorf Goodman and Saks OFF 5TH. The organization combines premium brick‑and‑mortar retail with multiple e‑commerce platforms and centralized technology capabilities to deliver highly personalised luxury experiences. As an employer it offers cross‑functional career mobility across retail, distribution, digital and corporate operations.
Saks Global seeks a Senior CSOC Detection Engineer in New York — lead Detection‑as‑Code, cloud and enterprise threat detection. $108,000–$138,000.
Role & Responsibilities
- Design, develop, and maintain high‑fidelity detections aligned to real‑world adversary behaviours and MITRE ATT&CK techniques across cloud and enterprise environments.
- Engineer detections for SIEM, EDR, cloud‑native security tools and log pipelines; author rules and queries to improve alert fidelity.
- Apply Detection‑as‑Code practices (version control, CI/CD, automated testing, peer review) to build, validate and maintain detection repositories and lifecycles.
- Tune alerts to reduce false positives through enrichment and behavioural correlation and provide investigative context to support incident response.
- Translate threat intelligence (IOCs, TTPs) and adversary tradecraft into actionable, behaviour‑based detections and work with Red/Purple teams to validate coverage.
- Build production‑quality automation for detection deployment, telemetry validation and response integration; develop tooling for detection testing and metrics.
- Maintain documentation, ownership and lifecycle management for detection assets and continuously improve coverage based on emerging threats and post‑incident learnings.
Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
- Minimum 5 years’ experience in Security Operations (SOC) roles with demonstrable experience designing and implementing security detections.
- Deep, hands‑on experience with major cloud platforms (AWS, Azure) including PaaS/SaaS security controls, APIs and logging/querying.
- Strong proficiency in at least one scripting/programming language (Python strongly preferred) with ability to write, test and debug detection logic and automation.
- Practical experience with Detection‑as‑Code frameworks and version control (e.g., Sigma, YARA, Git) and with maintaining detection repositories.
- Proven experience configuring, managing and querying SIEM platforms and integrating threat intelligence (threat feeds, IOCs, OpenIOC) into detection logic.
Skills
Experience
Minimum of 5 years in Security Operations (SOC) roles with proven, hands‑on experience designing and implementing adversary‑focused detections across cloud and enterprise environments.
Education
Bachelor's degree in Computer Science, Cybersecurity, Information Technology or related discipline.
Workplace
This position is based in New York, New York, USA.
Compensation
The base compensation for this position ranges from USD 108,000 to USD 138,000 per annum.
Benefits
Medical insurance; dental insurance; vision insurance; 401(k) retirement plan; basic and supplemental life insurance; disability insurance; voluntary benefits (critical illness, hospital and accident); employee discount.
Culture
Saks Global blends the craftsmanship and curation of luxury retail with a technology‑driven mindset, fostering cross‑disciplinary collaboration between merchandising, stores and digital teams. The workplace is fast‑paced and customer‑centric, offering growth opportunities across a large multi‑brand retail platform while emphasising inclusion and equal opportunity.
About Cerulean
Cerulean is the definitive career portal for the global luxury industry. We match exceptional professionals with exclusive opportunities at the world's most prestigious brands. From haute couture and fine watchmaking to prestige beauty, hospitality, and boutique retail, Cerulean centralises luxury employment to help you find the career for which you were destined.
Frequently Asked Questions
The luxury industry is characterised by a diverse and nuanced nomenclature. Esteemed houses frequently employ proprietary terminology, and even within a single organisation like Saks Global, titles may vary across global markets to reflect local conventions. To ensure absolute clarity, Cerulean assigns a standardised, industry-coherent canonical title to every listing. However, it is worth noting that this role is functionally synonymous with «Senior Detection Engineer», «Senior Security Detection Analyst», «Threat Detection Engineer», «Senior SOC Detection Engineer», and other variations. Our sophisticated search architecture anticipates these variations, ensuring that inquiries using related terms will seamlessly yield the exact roles you desire.