Cyber Security Engineering Manager – Security Controls
H&M GroupWe are a family of brands, driven by our desire to make great design available to everyone in a sustainable way.
H&M Group is on an exciting journey to meet and exceed our customers' expectations today, tomorrow, and in the future. Rapid technological development and new customer behaviours are transforming the fashion retail industry. To cater to the individual needs and desires of our millions of customers, our tech organisation delivers solutions for the entire value chain for all our brands.
To provide a secure, trustworthy, and always available experience to our customers, we are now transforming the way we address the continuously evolving and complex cyber security threats and risks. To do this we have created a new Tech Centre focused solely on managing Cyber Security for all our brands and majority investments. Within this Cyber Security Tech Centre, we have a unit that focuses on Cyber Security Engineering, with the mission to protect our customers, colleagues, and company by establishing and managing safe and secure technology use.
This is a unique opportunity to lead one of our Global Engineering teams, focused on Security Controls and drive our delivery and services portfolio for cloud security controls, data protection and other security controls throughout the whole H&M Group and all our brands. You will report to the Head of Cyber Security Engineering Unit.
We are looking for a strong manager and principal leader within Cyber Security Controls that can drive our delivery and services portfolio.
You will ensure that core capabilities are in place to manage Security Controls both in Cloud, and on-premises. You will grow and mature the internal and external organisation, from individual team members to our managed services partners. You will drive risk management work related to the Security Controls area, improve the security posture to meet current and emerging threats, and proactively work with compliance to policies and regulations. More specifically you will be responsible for:
- Managing the day-to-day activities of the Security Controls team and ensuring the teams are meeting operational and performance objectives.
- Team-level budgeting, planning, and roadmap.
- Professional development of staff to ensure they have relevant skills and qualifications.
- Stakeholder management to ensure that the Security Controls meet the needs of the business and comply with all relevant laws, and regulations and enforce company policies and procedures.
- Contributing to the Cyber Security strategy and ensuring their team is aligned with the strategy.
- Responding to audit findings, prioritizing remediation measures and manage the budget your team, including staff, contracts, and technology.
- Identify demands, objectives and key results and define and monitor supporting KPIs and metrics.
- Manage and improve Security Controls specific processes, dependencies, and integrations both Cloud and on-premises.
- Ensure the availability, stability, and performance of Security Controls services.
- Assess and manage risks to the effectiveness of platforms and services to protect against current and emerging threats.
- We believe you have several years of experience as a leading engineering manager, preferably within retail or e-commerce, using and implementing modern technologies in complex organisations at scale.
- You have strong leadership skills and experience as a staff responsible and excel at stakeholder management collaboration across business units.
- You will also have experience working with agile methodologies in an engineering or DevOps team.
- You also have the ability to practice creative and critical thinking by adding ideas and solutions to ongoing challenges with outstanding troubleshooting, analytical, and problem-solving thinking.
In addition to this, we believe that you:
- Have a track record of successful Security Controls deliveries in complex and large environments, both operations and change programs/projects.
- Have experience from designing, implementing, and deploying Security Controls solutions in an enterprise environment, and driving process change and implementation activities.
- Have a proven ability to drive and catalyst the creation, maintenance, and enforcement of policies and procedures to ensure effective provisioning, de-provisioning, and entitlements of identities and accesses.
- Have managed end to end delivery of projects with hands on involvement in the development and configuration of products around Security Controls.
- Have a security mindset and general knowledge around security concepts to go with it.
- Have experience with at least one major cloud provider (AWS, Azure, GCP).
- Are an experienced leader that understands team dynamics and personal development of staff.
- Have top-notch collaboration and communications skills.
- Holding a relevant certification is beneficial: CISSP, CISM, CompTia Security+, Identity Management Institute (IMI) certifications.
- In addition, we truly want you to be passionate and proud of your achievements, and that you share this with your colleagues.
Working with tech at H&M Group
Shaping the future of fashion with people, data, and tech. The fashion and retail industries are going through a transformation, driven by customers' technology and sustainability expectations. At H&M Group, we want to shape the future of fashion and lifestyle by harnessing the power of smart tech and data. With our 74-year history of innovation, we understand the need to collaborate and co-create with engineers and tech specialists around the world to achieve our vision.
What we offer!
- You are joining a unique value-driven culture, a large tech network and community where you can be yourself. Besides the obvious perks such as staff discount cards, flexible work life, learning communities, wellness benefits, parental benefits etc. There are endless opportunities to experiment and grow in any direction that you want, and when you grow, we grow. Being a major player gives us countless opportunities to make a real impact and shape the future.
- H&M Group is a value-driven company that wants to lead the way to a more inclusive environment. We are committed to creating an inclusive & diverse workplace with a dynamic and innovative culture.
- We welcome your application regardless of who you are, where you’re from and what you like.
- We welcome applicants with different backgrounds, perspectives, and skills.
- We welcome all applicants to strengthen our innovative and diverse culture.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Remote - United Kingdom Remote - United Kingdom Full TimeExecutive Executive-levelUSD 45K - 85K * USD 45K+ *
Director Analyst, Cryptography and Encryption - Remote UK, IrelandAES Blockchain C Certificate management Cloud Compliance +13
Career development Competitive pay Conferences Health care Insurance +5
London, United Kingdom London, United Kingdom Full TimeExecutive Executive-levelUSD 87K - 120K * USD 87K+ *
Palo Alto Networks
Chief Security Officer (CSO), UK&IC Cloud Computer Science ISO 27001 Network security NIST +4
Career development Conferences Medical leave Startup environment Team events
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open o365 Security Architect jobs
- Open Senior Security Analyst jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Product Security Engineer jobs
- Open Security Researcher jobs
- Open Cyber Security Architect jobs
- Open GCP-related jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Security assessment-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open SQL-related jobs
- Open CI/CD-related jobs
- Open EDR-related jobs