Cyber Security Specialist to H&M Group

Stockholm, Sweden

Full Time USD 60K - 89K *

H&M Group

We are a family of brands, driven by our desire to make great design available to everyone in a sustainable way.

View company page

Company Description

Shaping the future of fashion with people, data, and tech - The fashion and retail industries are going through a transformation, driven by customers technology and sustainability expectations. At H&M Group, we want to shape the future of retail by harnessing the power of smart tech and data. With our 74-year history of innovation, we understand the need to collaborate and co-create with engineers and tech specialists around the world to achieve our vision.

To provide a secure, trustworthy and always available experience to our customers, we are now establishing the H&M Group Cyber Security center of excellence. We are a global and diverse team of security engineers, specialists, analysts and architects whose main mission is to protect our customers, colleagues and company. Together we manage core security capabilities, build a culture of security, enable teams to create secure tech, and detect and manage threats. By joining this fast-growing center for excellence, you will have the opportunity to truly make an impact for millions of customers and employees.

Job Description

As the fashion and retail industries are changing, H&M Group is on a mission to cater for protecting the security risks that comes with that. This is where you come in. We are looking for you who would love to contribute to change by coming along a team of Cyber Security Specialists in Stockholm, and together protect our customers, colleagues and company.

What you will do as Cyber Security Specialist
As a Cyber security specialist your main objective is to guide teams about the potential security risks and to help keep H&M Group secure. You will play an important role in shaping a security mindset in an organization that is very retail oriented.

We believe you have experience and best practice knowledge in the area of ​​information security as well as the ability to translate security-related information to a technical and non-technical audience, preferably in an agile environment.
You will be a part of improving way of working, implementing guidelines, and using your practical experience to help teams embed security into processes, IT solutions and systems. You will also perform assessments of third-party risks from our vendors and partners.  

By coaching, performing risk assessments, identifying threats and making sure teams enhance security by collaborating with different stakeholders internally, you will improve the general security level for the whole group.  


We would like you to have a comprehensive understanding of cloud security concepts and principles with an ability to identify and assess cloud-specific vulnerabilities and threats, e.g. for the Microsoft Azure or Google Cloud Platforms, something that most likely comes from practical experience in managing and/or advising an organization on their cloud security program. 

In this role, driving change through good communication is key. You can explain the principles of Information Security requirements and how it applies to a team/organization. Together with a team of specialists, you will be responsible to contribute to the right security mindset through the whole organization. We therefore believe you are a good listener, pragmatic and have a coaching approach. 

In addition, we believe you have experience from work within the area of third-party security, risk management and vulnerability management. Furthermore, you are familiar with standards and frameworks like the ISO 27000-series, GDPR, NIST and CIS benchmarks/controls.  

Holding some of the following certifications is a plus: CCSP, CISSP, CISM, CISA. 

Additional Information

Who we are!
We are creative minds; testing, experimenting, learning, and growing. With our strong values as our guide, we are empowered to create, innovate, and deliver. We work in multiple areas of the tech field. From AI to data-driven business development, user experience to engineering. We turn business challenges into innovative tech solutions – making H&M Group a global leader in combining tech, fashion and design. 

What we offer!       
Besides the obvious perks such as staff discount card, flexible work life, learning communities, wellness benefits, parental benefits etc. you are joining a unique value driven culture, a large tech network and community where you can be yourself. You will be given a high degree of freedom in seeking out opportunities and assisting in forming our Cyber Security center for excellence. There are endless opportunities to experiment and grow in any direction that you want and when you grow, we grow. 

Apply now for this truly inspiring position and be a part of shaping H&M’s future security mindset!

This is a fulltime position with placement in Stockholm. You will report to Head of Security advisors at Business Tech. We will not ask you for a lengthy Cover Letter, however we do want to see your CV with a short introduction as to why you are applying for this role. Do this as soon as possible but no later than February 27th 2022.

For questions about the position and/or recruitment process, please contact Talent Acquisition Partners: Haben Zeriet ( or Marta Wieczorek (

Please note that we do not consider application sent in via email.

* Salary range is an estimate based on our salary survey 💰

Tags: Agile Azure CCSP CISA CISM CISSP Cloud GCP GDPR ISO 27000 NIST Risk assessment Risk management Vulnerabilities Vulnerability management

Perks/benefits: Career development Flex hours

Region: Europe
Country: Sweden
Job stats:  2  0  0
  • Share this job via
  • or

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.