Sephora Security Operations Expert

About Sephora

Sephora is a global prestige beauty retailer and part of the LVMH group, recognised for its omni‑channel retail model and curated assortment of beauty brands. Sephora SEA operates across the Asia‑Pacific region and combines physical flagships with digital channels, emphasising fast growth, customer experience and regional collaboration with global security and IT functions.

Role & Responsibilities

• Manage and optimise security tooling and detection coverage across SIEM, EDR, NDR, CAASM, CSPM, WAF, VA and threat‑intelligence platforms.
• Lead alert management and follow‑the‑sun incident response for the SEA timezone, coordinating detection, containment, remediation and recovery activities.
• Own delivery of technical projects on the regional Security Roadmap, including Cloud Backup reviews, remediation initiatives, DLP, USB blocking, API and firewall reviews.
• Coordinate and support the local execution and remediation process of the bug bounty programme.
• Support Engineering and DevSecOps teams by validating CICD security controls and optimising SAST/DAST/SCA/WAF capabilities.
• Drive the regional Cyber Crisis Management process, train stakeholders on crisis responsibilities and ensure playbooks are maintained.
• Conduct and lead detailed forensic investigations of security incidents including data breaches, malware outbreaks, targeted attacks and fraud.
• Provide proactive security monitoring and protective coverage for major retail events, protecting against cyber attacks and fraud attempts.

Qualifications

• Minimum five years of professional experience in cybersecurity, with demonstrable operational ownership of SOC, incident response or similar functions.
• Solid technical knowledge of detection and prevention technologies: SIEM, EDR, NDR, CAASM, CSPM, WAF, vulnerability assessment tools, SAST/DAST/SCA and API security.
• Proven experience in incident response, digital forensics, investigations and familiarity with penetration testing or red‑teaming methodologies.
• Comfort working with regional and global stakeholders to align cyber defence strategies and deliver cross‑functional initiatives.
• Analytical mindset, resilience under pressure, a continuous‑learning attitude and strong collaborative skills.

Skills

Experience

Minimum 5 years in cybersecurity, with hands‑on experience in security operations, SOC analytics, incident response, forensic investigations and familiarity with penetration testing or red‑team exercises.

Education

Bachelor's degree in Computer Science, Information Security, or a related discipline, or equivalent practical experience. Professional certifications such as CISSP, CISM or relevant GIAC qualifications are highly desirable.

Workplace

Culture

Sephora fosters an inclusive, fast‑paced retail culture that values authenticity, diversity and continuous learning. The regional teams emphasise empowerment and career development, encouraging cross‑functional collaboration between retail, engineering and global security stakeholders.

About Cerulean

Cerulean is the definitive career portal for the global luxury industry. We match exceptional professionals with exclusive opportunities at the world's most prestigious brands. From haute couture and fine watchmaking to prestige beauty, hospitality, and boutique retail, Cerulean centralises luxury employment to help you find the career for which you were destined.