Cyber Defense Lead, Asia

**Position**:
Cyber Defense Lead, Asia

**Profile**:
At Sephora, beauty is about feeling seen, valued, and empowered, individually and collectivly. It is connecting deeply with others, celebrating diversity and inclusivity, unlocking your potential and making a difference every day. Together, we belong to something beautiful.

**Cyber Defense Lead, Asia**

As Cyber Defense Lead, Asia, you will lead and oversea the regions Cyber Defense functions including Secops, vulnerability management, Incident and Alert Management including follow-the-sun coverage, Incident Response, Threat Hunting, and optimization of threat monitoring tooling and capabilities.

You will coordinate security operations with Tech and other key stakeholders, identifying opportunities to close gaps in cybersecurity defenses and increase efficiency in responding to global cyber threats.

In an age where minutes can be the difference between prevention, containment, or a large-scale incident; this role is critical in ensuring the organization’s ability to proactively detect, prevent, and respond to cybersecurity threats and incidents. As Cyber Defense Lead, you will be responsible for managing the regional security analysts, driving continuous improvement in processes and technologies, and aligning cyber defense strategies with regional, Global, and LVMH Group Cyber Defense teams to meet the organization’s overall security goals.

**You will shine here if you enjoy**

**Cyber Defense Leadership**
- Executing the vision, strategy, and goals for the organization’s Global and Group Cyber Defense functions, aligning with overall business objectives and cybersecurity strategy
- Implementing and enforcing Cyber Defense policies and procedures aligned with the LVMH Group based on Sephora risks and priorities
- Together with the CSIO and Global functions, develop and maintain the Cyber Defense roadmap, focusing on detection coverage, evolving threats, and new technologies

**Security Operations**
- Proactively enhance the security posture of digital assets through continuous monitoring, vulnerability management and the implementation of effective security measures coordinating with Tech and other teams on protection and remediation actions
- Woking closely with cross-regional members to ensure seamless integration and operation of security solutions

**Alert, Incident, and Crisis Management**
- Contributing to the unification and standardization of cyber detection and response capabilities across regions, ensuring 24/7 availability
- Leading the organization’s regional incident response efforts, ensuring timely, coordinated, and effective responses to security incidents, from detection to resolution and recovery
- Driving the continuous improvement of the Incident Response, event and alert management, investigation and triage capabilities to ensure the operational efficiency of these capabilities
- Overseeing the regional Cyber Crisis Management process and ensuring it is implemented, maintained and stakeholders are trained on their responsibilities during a crisis
- Coordinating incident response efforts, crisis management and recovery plans in the event of a security breach
- Overseeing detailed forensic investigations of security incidents, including data breaches, malware outbreaks, targeted attacks and fraud
- Providing support for key retail events via monitoring, response and containment of cyber-attacks and fraud attempts

**SOC / Tooling Enhancement / Optimize / Playbooks, Daily Operations**
- Working closely with the Group SOC and other regional/Global Cyber Defense teams to continuously enhance detection capabilities and ensure the proactive identification of emerging threats
- Continuously improving workflows, playbooks, and incident management processes and monitoring capabilities to maximize efficiency and effectiveness
- Working with Group Cyber Defense team to optimize the coverage and integration of key Attack Surface Management tools including: SIEM, EDR, NDR, CAASM, CSPM, WAF, VA, and threat intelligence platforms
- Overseeing the day-to-day operations of the regional security analysts, ensuring effective and timely monitoring, detection, triage, analysis and escalation of security events
- Utilizing threat intelligence and leading threat hunting efforts to proactively identify potential threats, vulnerabilities, and attack vectors within the environment

**We would love to hear from you if you are/have**
- Minimum of 7-8 years of experience in cybersecurity, with at least 2 years in an L3 or leadership role in SOC, threat hunting, incident response, and investigations
- Strong stakeholder management skills and experience working collaboratively, and forging partnerships with regional and global teams to define and deliver aligned goals
- Strong understanding of security technologies, including SIEM, EDR, NDR, CAASM, CSPM, WAF, VA, threat intelligence platforms, firewalls, intrusion detection / prevention systems, and endpoint pro