Cyber Security PCI & Audit Specialist

Stockholm, Sweden

Applications have closed

H&M Group

We are a family of brands, driven by our desire to make great design available to everyone in a sustainable way.

View company page

Job Description

At H&M Group, we are constantly striving to empower our colleagues in protecting themselves and our products against cyber-threats. We are now looking for a Cyber Security PCI & Audit Specialist that will help H&M Group to secure their products, services and customers.

 

Company Description

At H&M Group, we believe in making great design available to everyone. It’s essential in everything we do. Our family of brands — H&M, COS, Monki, Weekday, & Other Stories, H&M Home, ARKET, Afound and Itsapark — offer customers around the world a wealth of fashion, beauty, accessories and homeware, as well as modern menus with fresh and local produce at some of the brands’ in-store eateries.

But design is so much more than just products; it’s about clever design processes, efficient product flows, creating experiences that enrich, and smart solutions that benefit all our customers.

Sustainability is always at the core of our business. Not only because we like to do what’s right — but it’s also beneficial for our business. We will continue to push for change and lead the way towards a more inclusive and sustainable fashion future.

Do you want to join us? We will trust you with great responsibility right from the start, reward a passionate mindset and encourage an entrepreneurial spirit. When you start a career with H&M Group, there’s no limit to where it can take you. Do you have a curious and analytical mindset and get inspired from being part of building a new world class cyber security organization? Then H&M Group Business Tech can offer you a position that matches your personality! We are looking for Cyber Security & Privacy Advisor to join our organization based in Stockholm.

 

What you will do

Just like us you believe in a non-hierarchical culture of collaboration, transparency, and trust.  You are a great communicator with information security skills within an international and diverse context. 

We are seeking a PCI-DSS and Audit Specialist with a strong business focus to join our team. The successful candidate will work in a team that are responsible for ensuring that our organization complies with the Payment Card Industry Data Security Standards (PCI-DSS) and all related regulations. The ideal candidate will have a strong understanding of PCI-DSS and be able to work closely with our business partners to ensure that our organization meets all compliance requirements.

H&M is committed to upholding the highest standards of security and compliance to protect our customers' payment card data. We are seeking a PCI-DSS and Audit Specialist with a strong business focus to join our team.

Collaboration is key in our new organization, and you will work close together with your colleagues as well as executing your tasks autonomously.              

 

Responsibilities:

- Develop, implement, and maintain the PCI-DSS compliance program.

- Coordinate and report regular audits and risk assessments to identify vulnerabilities and non-compliance issues.

- Ensure that our organization meets all regulatory requirements related to PCI-DSS.

- Work closely with our business partners to identify and mitigate risks related to the handling of payment card data.

- Provide guidance and support to business units to ensure that they are complying with PCI-DSS requirements.

- Develop and implement security policies and procedures to ensure that payment card data is secure.

  

Skills and opportunities 

Your interest in the IT and Information security world will totally blow us away, and your skills as a advisor are unmatched. You have done your research when it comes to how to lift the security competence in an agile organization. You have been supporting stakeholders in the past with security and understand their challenges as well as their needs.

We believe you are also known for your personal traits such as being a doer, curious and engaged. You live by the motto: I haven’t done this before, but I’d love to try! These are personal skills we love at Business Tech so don’t be afraid of showing them.

You have a strong analytical ability, but. Degrees are great, but we believe your skillset compliments and enhances your educational background.

On top of your security knowledge and skills, you have true people skills that will allow you to support teams with empathy and drive long-lasting behavior change. You can take responsibility, work proactively and continuously improve activities in complex, quickly transforming environments.

We work in a constant changing environment and no day is like the other. Therefore, we believe you thrive from working in a not yet formalized environment where anything and everything can happen. 

H&M Group is a value driven company. We are one team, and we share our knowledge and competence. We expect you to be a team-player; ready to share, learn and collaborate to get the best outcome. You will take on great responsibility from the start and be able to contribute with lots and lots of ideas. 

This is a great opportunity to contribute with your wide IT and Information Security background as well as experience from lifting the security competence in an agile organization.

Come join us on our journey!

 

Mandatory requirements, both competence and tools:

- 5+ years of experience in PCI-DSS compliance and audit in an enterprise environment.

- Strong understanding of PCI-DSS and related regulations.

- 5+ years of experience in External or Internal Audit.

- Ability to work with business partners to identify and mitigate risks.

- Excellent communication and interpersonal skills.

- Ability to work independently and as part of a team.

- CISSP, CISA or other related certifications are preferred but not mandatory.

 

Qualifying requirements:

  • Experience of e-commerce technologies is a merit
  • Experience of retail business is a merit
  • Experience of other data privacy laws is a merit
  • Experience of working in an agile organization

 

  • You are open minded, trustworthy and a self-motivated team player
  • You have an entrepreneurial spirit, have great personal ownership, work proactively and continuously improve activities in complex, quickly transforming environments
  • English, oral and written fluently
  • Swedish, oral and written is meriting

 

What we offer!

Besides the obvious perks such as staff discount card, flexible work life, learning communities, wellness benefits, parental benefits etc. You are joining a unique value driven culture, a large tech network and community where you can be yourself. There are endless opportunities to experiment and grow in any direction that you want and when you grow, we grow. Being a major player gives us countless opportunities to make a real impact and shape the future.

Practical info

Apply now for this truly inspiring position where you will work tightly integrated with the very users of the solutions you build and contribute to the right security mindset through the whole organization!

This is a fulltime position with placement in Stockholm with a possibility to work part time remote.

We will review and interview on-going so please apply with CV and Cover Letter as soon as possible, but no later than 30th of June 2023. 

For questions about the position and/or recruitment process, please contact Björn Lundgren, Bjorn.Lundgren@hm.com but please note that we do not consider application sent in via email.

 

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Agile Audits CISA CISSP Compliance E-commerce Privacy Risk assessment Vulnerabilities

Perks/benefits: Career development Flex hours Startup environment Team events Transparency

Region: Europe
Country: Sweden
Job stats:  7  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.