Sr. Analyst, CSOC - Detection Engineering

Salary range: $108,000 - $138,000

Saks Global is the largest multi‑brand luxury retailer in the world, comprising Saks Fifth Avenue, Neiman Marcus, Bergdorf Goodman, Saks OFF 5TH, Last Call, and Horchow.

• Design, build, and continuously improve high‑fidelity security detections across cloud and enterprise environments.
• Engineer detections across SIEM, EDR, cloud‑native security tools, and log pipelines.
• Reduce false positives through tuning, enrichment, and behavioral correlation.
• Support incident response by improving alert fidelity and investigative context.
• Maintain detection repositories with documentation, ownership, and lifecycle management.

• Translate threat intelligence, IOCs, TTPs, and attack reports into actionable detections.
• Develop behavior‑based detections for advanced threat actors.
• Validate detections against real attack paths with Red/ Purple teams.
• Continuously improve coverage in response to emerging threats and incident learnings.

• Write production‑quality code to automate detection deployment, enrichment, and response.
• Build tooling for detection testing, telemetry validation, and metrics.
• Integrate detections with automation and response workflows.
• Experience with AI workflows and integration of AI into security operations.

Work up to 4 days a week in our NYC or Dallas office.

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related field.
• Minimum 5 years of experience in Security Operations (SOC) roles.
• Experience designing and implementing security detections.
• Hands‑on experience with major cloud platforms (AWS, Azure) and cloud security controls, APIs, and logging/querying.
• Proficiency in at least one scripting/programming language (Python highly preferred).
• Experience with detection‑as‑code principles and frameworks such as Sigma, YARA, or custom scripts.
• Experience managing detection life cycles using version control systems (Git).
• Experience configuring, managing, and querying SIEM platforms.
• Experience incorporating threat intelligence into detection logic and automated responses.
• Solid grasp of network security, cloud security fundamentals, incident response life cycles, and common attack vectors.
• Excellent analytical abilities to dissect complex problems, identify patterns, and develop effective detection strategies.

• Medical, vision, and dental insurance.
• 401(k) retirement plan.
• Basic life insurance, supplemental life insurance, and disability insurance.
• Additional voluntary benefits (critical illness, hospital, and accident insurance).
• Employee discount.
• Dynamic fast‑paced environment with growth and advancement opportunities across retail, distribution, digital, and corporate functions.

Saks provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, Saks complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

Accommodations are available upon request for individuals participating in assessment or selection procedures.