Cyber Security Manager for Cyber Defense Center Engineering

Job Description

General description of Cyber Defense Engineering 

The Cyber Defense Center (CDC) is a key security function at H&M, forming the last line of defense when other security controls fail, safeguarding company staff and assets 24/7. 

To perform its job of security monitoring, analysis and incident response, the CDC relies on a wide set of modern security tooling, functions, and data. Engineering is an integrated part of the CDC and is responsible for managing and developing the tooling used by the analysts daily. 

CDC Engineering is currently a 6-person team with a target of growing to 8-10 over the next 6-12 months. 

The team works according to agile/DevSecOps methods with continuous deployment and is a diverse team with different skill sets ranging from deep knowledge in SIEM-systems to coding and cloud skills. We work with orchestration in Azure DevOps using Terraform as infrastructure as code with repo in Git as the basis for code management, configuration, and deployments to our main environment in Azure. 

Manager role 

Your role is to lead the engineering team in their daily work, develop the team and the individuals in a formal manager role. This also includes tight cooperation with the manager of the analyst’s team and other stakeholders within H&M.  

As the leader of the team, you are also expected to be a senior in the engineering field and help guide and select the best path when faced with technical choices or problems together with the team. As the team lead for engineering, you will also be part of the Cyber Defense management group. 

The leadership style is according to servile leadership, enabling the team members to make decisions and grow their knowledge as a team, at the same time working towards common targets both short and long term. 

As leaders, we aim to create an open and safe environment where everyone counts and can voice their opinion. We believe that diversity creates stronger teams and delivers the best results. 

Technical stack used in the CDC: 

• Programming languages: Python 

• Cloud technologies: Azure & GCP 

• Containers: Kubernetes, Docker 

• SIEM/SOAR: Azure Sentinel 

• CICD & DevSecOps practices 

• GitHuib and GitHub Actions 

• IaC with Terraform 

• Deployment with Azure DevOps. 

General requirements for the role 

• Leadership experience for engineering teams, formal or informal 

• Skills in team development according to agile/DevSecOps practices 

• Senior engineering skills, 8-10 years of experience as an engineer 

• High proficiency in English - verbal and written 

• Be able to work in an agile and dynamic environment where requirements can change based on threat landscape and incidents 

• Be able to be a strong representative for the team in internal and external dialogues 

Nice to have 

• High proficiency in Swedish - verbal and written   

• Architectural skills regarding system architecture 

• Technical cyber security experience, primarily in SIEM/SOAR, SOC-ops 

Technical requirements 

• High proficiency in at least one programming language 

• High proficiency in cloud, Azure or GCP 

• Experience of container technology in cloud, preferably Kubernetes and Docker 

• Experience working with CI/CD 

Nice to have 

• Proficiency in GitHub 

• Proficiency in Terraform 

• Proficiency in Azure DevOps 

• Proficiency in Azure Sentinel 

What we offer 

• Possibility to flex between working in the office and from home, 3 days in the office per week is the baseline. 

• Standard work hours (not affected by 24/7 operations) 

• A friendly work environment 

• To be part of building a world class Security Operation Center 

• Personal development