Cyber Defence Analyst - eCom
Stockholm, Sweden
H&M Group
We are a family of brands, driven by our desire to make great design available to everyone in a sustainable way.
Job Description
Working in the H&M Cyber Defense Center eCom, you will work with world-class tooling for threat hunting, detection and response based on cloud technology (for example, Azure Sentinel, Defender for Endpoint, Defender for O365, GCP SCC, Akamai, and more), with a dedicated team of DevOps engineers who constantly develop tooling to support analysis, response and automation.
Our Cyber Defense Center is the beating heart in the defense of our company, combining intelligence, monitoring, incident response and threat hunting with an engineering mindset to make the most out of people and technology.
What you will do
As a Cyber Security Analyst in our Cyber Defense Center eCom team, you play a key role in H&M Group’s cyber defense. You understand cyber security threats and the threat landscape, act to detect, analyze and respond to cyber-attacks, manage incidents and reduce risk to customers, colleagues, partners and the company. You will work with the team to improve its capabilities, reducing response time while maintaining quality. We are taking advantage of the latest technology in intelligence and automation. Ultimately the aim is to bring value to our business by reducing risk!
Responsibilities
In this role you will be responsible for:
- Analyze security incidents, alerts, and events.
- Investigate incidents according to SOPs and best practice.
- Perform remediation activities according to SOPs and best practice.
- Interact with stakeholders to support investigation and remediation.
- Escalate major incidents according to SOPs.
- Support major incident response activities.
- Improve and develop detection, whitelisting, SOPs, and automation for incident and alert handling.
Qualifications
- Can explain the principles of threat intelligence, modelling and assessment.
- Can explain the principles of a computer system, network and storage security architecture and how these can be used to reduce information risk.
- Can explain the main principles and processes involved in conducting a compliance monitoring exercise.
- Have experience with operating as a member of a CSIRT or SOC.
- Have experience with incident management, investigation and response.
- Have experience with developing custom detection in either Bot Management, SIEM or EDR solutions and understand the logic behind it.
- Knowledge of network communication, cloud infra, OS, APIs and applications.
- 3+ years of experience as a Security Analyst or in a similar area.
Specific competence
- Experience with SIEM and logging environments for threat analysis, investigation, threat hunting and triage analysis on various security solutions such as WAF, Bot Management, EDR
- Understanding of attack mitigations and improvements related to OWASP
- Experience with Content Delivery Networks (CDN)
- Experience in cloud-based computing on a large scale (preferably Microsoft Azure, but also GCP or AWS)
- Understanding of the threat landscape and trends, and the ability to act proactively on threat intelligence
- Good understanding of fundamental infrastructure components, network concepts, Operating Systems (Windows & Linux), DNS, etc.
- Willingness to work in a team-oriented environment and flexibility to work in a demanding environment, sometimes under time pressure
Additional Information
Working with tech at H&M Group
Shaping the future of fashion with people, data, and tech. The fashion and retail industries are going through a transformation, driven by customers' technology and sustainability expectations. At H&M Group, we want to shape the future of fashion and lifestyle by harnessing the power of smart tech and data. With our 74-year history of innovation, we understand the need to collaborate and co-create with engineers and tech specialists around the world to achieve our vision.
What we offer!
You are joining a unique value-driven culture, a large tech network and community where you can be yourself. Besides the obvious perks such as staff discount card, flexible work life, learning communities, wellness benefits, parental benefits etc., there are endless opportunities to experiment and grow in any direction that you want, and when you grow, we grow. Being a major player gives us countless opportunities to make a real impact and shape the future.
This is a full-time position with placement in Stockholm.
Tags: APIs Automation AWS Azure CDN Cloud Compliance CSIRT Cyber defense DevOps DNS EDR GCP Incident response Linux Monitoring OWASP Sentinel SIEM SOC Threat intelligence Windows
Perks/benefits: Career development Flex hours Team events