Director of Security Operations Chalhoub Group

What you'll be doing:

Security Operations Center (SOC) Leadership

• Lead the strategic and operational management of Chalhoub s 24x7 global Security Operations Center, including shift coverage, metrics, and escalation processes.
• Develop SOC maturity roadmap, integrating SIEM, SOAR, UEBA, EDR, and XDR technologies.
• Ensure tight SLAs for threat detection, triage, investigation, and response.

Threat Detection, Monitoring & Intelligence

• Oversee advanced threat detection and real-time monitoring across all enterprise layers: on-prem, cloud (Azure, AWS, GCP), networks, endpoints, and applications.

Establish a formal Cyber Threat Intelligence (CTI) functio n

• leveraging internal telemetry and external intel (e.g., ISACs, vendors, national CERTs).
• Regularly produce threat landscape reports for executive leadership and risk committees.

Incident Response & Crisis Management

• Lead Chalhoub s cyber incident response program, including playbooks, runbooks, escalation paths, and digital forensics.
• Coordinate major incident handling in collaboration with Legal, Risk, and Communications.
• Conduct tabletop exercises with business and technology leaders to test readiness.

Vulnerability & Exposure Management

• Manage vulnerability scanning, patch validation, and risk-based remediation across all tech environments.
• Partner with IT Operations, DevOps, and Product teams to embed security into release cycles.
• Produce and socialize prioritized vulnerability reports and KPIs to leadership.

MSSP & Vendor Oversight

• Oversee all outsourced security operations and threat detection services (MSSPs).
• Define and manage performance metrics, SLAs, and continuous improvement plans.
• Drive contract negotiations, compliance assurance, and scope optimization.
• Tooling, Automation & Integration - Maximize efficiency through SOAR playbooks, API integrations, and automation pipelines for investigation and containment.
• Evaluate and implement emerging defense technologies that enhance threat detection and response capabilities.

Reporting, Metrics & Continuous Improvement

• Deliver weekly/monthly operational dashboards on SOC performance, incidents, threat trends, and SLAs.
• Drive maturity assessments using frameworks like MITRE ATT&CK, NIST CSF, and CMMI.
• Lead regular post-incident reviews and lessons-learned workshops.

What you ll need to succeed

• 10 15 years of progressive experience in cybersecurity, with at least 5 years leading Security Operations in a regional or global enterprise.
• Bachelor s degree in Cybersecurity, Information Systems, Engineering, or equivalent.
• Advanced degree (MBA, MS InfoSec) preferred.
• Relevant certifications (minimum 2): GCIH, GCIA, CISSP, CISM, CEH, OSCP, or equivalent.
• Demonstrated expertise in managing 24x7 SOCs, cloud security operations, and incident response at scale.
• Industry exposure in retail, e-commerce, luxury, or fast-paced B2C environments is highly preferred.