Cyber Security Manager for Cyber Defense Center Engineering
Stockholm, Sweden
H&M Group
We are a family of brands, driven by our desire to make great design available to everyone in a sustainable way.Job Description
General description of Cyber Defense Engineering
The Cyber Defense Center (CDC) is a key security function at H&M, forming the last line of defense when other security controls fail, safeguarding company staff and assets 24/7.
To perform its job of security monitoring, analysis and incident response, the CDC relies on a wide set of modern security tooling, functions, and data. Engineering is an integrated part of the CDC and is responsible for managing and developing the tooling used by the analysts daily.
CDC Engineering is currently a 6-person team with a target of growing to 8-10 over the next 6-12 months.
The team works according to agile/DevSecOps methods with continuous deployment and is a diverse team with different skill sets ranging from deep knowledge in SIEM-systems to coding and cloud skills. We work with orchestration in Azure DevOps using Terraform as infrastructure as code with repo in Git as the basis for code management, configuration, and deployments to our main environment in Azure.
Manager role
Your role is to lead the engineering team in their daily work, develop the team and the individuals in a formal manager role. This also includes tight cooperation with the manager of the analyst’s team and other stakeholders within H&M.
As the leader of the team, you are also expected to be a senior in the engineering field and help guide and select the best path when faced with technical choices or problems together with the team. As the team lead for engineering, you will also be part of the Cyber Defense management group.
The leadership style is according to servile leadership, enabling the team members to make decisions and grow their knowledge as a team, at the same time working towards common targets both short and long term.
As leaders, we aim to create an open and safe environment where everyone counts and can voice their opinion. We believe that diversity creates stronger teams and delivers the best results.
Technical stack used in the CDC:
Programming languages: Python
Cloud technologies: Azure & GCP
Containers: Kubernetes, Docker
SIEM/SOAR: Azure Sentinel
CICD & DevSecOps practices
GitHuib and GitHub Actions
IaC with Terraform
Deployment with Azure DevOps.
General requirements for the role
Leadership experience for engineering teams, formal or informal
Skills in team development according to agile/DevSecOps practices
Senior engineering skills, 8-10 years of experience as an engineer
High proficiency in English - verbal and written
Be able to work in an agile and dynamic environment where requirements can change based on threat landscape and incidents
Be able to be a strong representative for the team in internal and external dialogues
Nice to have
High proficiency in Swedish - verbal and written
Architectural skills regarding system architecture
Technical cyber security experience, primarily in SIEM/SOAR, SOC-ops
Technical requirements
High proficiency in at least one programming language
High proficiency in cloud, Azure or GCP
Experience of container technology in cloud, preferably Kubernetes and Docker
Experience working with CI/CD
Nice to have
Proficiency in GitHub
Proficiency in Terraform
Proficiency in Azure DevOps
Proficiency in Azure Sentinel
What we offer
Possibility to flex between working in the office and from home, 3 days in the office per week is the baseline.
Standard work hours (not affected by 24/7 operations)
A friendly work environment
To be part of building a world class Security Operation Center
Personal development
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Azure CI/CD Cloud Cyber defense DevOps DevSecOps Docker GCP GitHub Incident response Kubernetes Monitoring Python SIEM SOAR SOC Terraform
Perks/benefits: Career development Home office stipend
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs