IT Security Manager
Dunnes Stores is Ireland’s leading retailer positioned at the cutting edge of food and fashion retailing. We are Irish owned and operate over 130 stores across Ireland, Northern Ireland, and Spain, as well as a growing online store. We are expanding our service and product offering for our customers all the time
We are convinced that Dunnes Stores, with its unique mix of physical stores, leading ecommerce experience and increased use of technology will continue to offer the best shopping experience to our customers – new and existing online and offline
The Dunnes Stores IT Security Team has overall responsibility for cyber security both physical IT assets and cloud based technologies across Dunnes Stores Group, as such it is an integral defence function within Dunnes Stores Ltd. The team is continuously assessing cyber risk to the business and developing appropriate detective and defensive capabilities.
This is your chance to be part of the biggest retail transformation in Ireland that will be experienced by everyone who visits our stores or who shop with us online now and in the future. It is a chance to be part of creating a world class retail experience and bring your experience to bear with Irelands largest Retailer
We are looking for an experienced Security IT Manager within our Security Operations Centre (SOC) who preferable has previous experience from retail or a similarly fast paced distributed environment. Ideally we are looking for someone with 3 plus years’ experience in information security with a background in risk and/or IT network and infrastructure
This role will be a mixture of new project implementation activities along with detailed security analysis of current and emerging threats as part of the SOC Team
Purpose of the role:
The Security Manager is one of our cyber security first responders. They report on cyber threats and implement any changes needed to protect the organisation. They’re considered the last line of defence against cybersecurity threats, reporting to SOC Manager, working along other Cyber Security team members
The Security Manager assists in deploying, maintaining, tuning, monitoring, and managing Dunnes Stores security toolsets as directed by the SOC Manager / Head of IT Security. The Security Manager will function as a Level 2 analyst and will lead the management flow of analysis from third parties and will liaise with third parties and internal teams to review alerts associated with Dunnes Stores network and security devices; works with other parties/analysts to collect, correlate, and analyse security-relevant data, and respond to threats in a timely manner
- Work on alerts from colleagues and third parties to perform in-depth analysis and triage of network security threat activity based on computer and media forensics, malicious code analysis, and protocol analysis.
- Assist with the development of incident response plans, workflows, and Standard Operating Procedures.
- Monitoring and management of SIEM infrastructure.
- Monitor the service ticket board and ensure the tickets are managed and responded in line with SLA.
- Review and fine tune the false positive incidents.
- Provide feedback and automate the common recurring tasks.
- Develop and implement detection use cases.
- Be responsible to manage self, time and the tasks assigned.
- Regularly and promptly carry out the ticket management tasks.
- Run the security calls with third parties and develop KPIs.
- Minute the meetings and present notes to the Head of IT Security in a timely manner.
- Adhere to strict change management process through the Change Advisory Board
- Create and review monthly reports with analysis.
- Continuously assess current state of security monitoring and recommend enhancements to the security process, procedures and policies.
- Works with internal teams to review and collect asset data (configs, running processes, etc.) on systems for further investigation.
- Determine and direct remediation and recovery efforts.
- Participate in evaluating, recommending, implementing, and troubleshooting security incidents.
- Document and maintain Dunnes Stores build documents, security procedures and processes.
- Stays up-to-date with emerging security threats including applicable regulatory security requirements.
- Communicate effectively with colleagues, management and third parties.
- Works with internal teams and third parties to leverage emerging threat intelligence (IOCs, updated rules, etc.) to identify affected systems and the scope of the attack.
- Proactively conduct research of network traffic and system activity looking for security anomalies and suspicious activities.
- Perform Advanced Persistent Threat correlation between multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS, and EDR solutions.
- Provide mentoring to other members of the IT Security team.
- Understand the business and information risk context, and monitor, report and propose architectures and countermeasures to mitigate risks
- Attend team meetings as required and produce/distribute any InfoSec related material
- Day to day analysis of our abilities to resist, current and emerging threats
- To keep a technical industry awareness of security risks and exposures and proactively promote effective counter-measures
- To work cooperatively with the project teams when required and ensure that new project changes adhere to the security policies and infrastructure standards and integrate into existing procedures or refining them as appropriate
You are ideal if you have:
- Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction in a matrix managed environment.
- Experience on SIEM technology, preferably on IBM QRadar
- Device Knowledge such as Firewall, IPS/IDS, Routers/Switches
- Security certifications (CISM/CISA) preferred
- Demonstrable experience of identifying information risks and the commensurate controls
- Excellent communication and presentation skills, both written and verbal
Education & Qualifications:
- 3+ years of experience working in Security Operations Centre with a Security Incident & Event Management (SIEM) to correlate events across several devices.
- Strong understanding of network devices such as Intrusion Detection Systems (IDS)/ Intrusion Prevent Systems (IPS), firewalls, network packet capture tools, and file integrity monitoring tools.
- Proficient knowledge in incident prevention, detection and response tools
- Knowledge of network and server security products, technologies, and protocols
- Requires background in at least 2 of the following domains: hacking and incident response; network forensics; security engineering, security analysis and investigations
Dunnes Stores Competency Profile:
- Technical/professional knowledge
- Building Relationships
- Results Orientation
- Change Advocate
If this sounds like the perfect role for you, then please apply now!
Dunnes Stores is an Equal Opportunities Employer