Cyber Security Manager for Cyber Defense Center Engineering

Job Description
General description of Cyber Defense Engineering
The Cyber Defense Center (CDC) is a key security function at H&M, forming the last line of defense when other security controls fail, safeguarding company staff and assets 24/7.
To perform its job of security monitoring, analysis and incident response, the CDC relies on a wide set of modern security tooling, functions, and data. Engineering is an integrated part of the CDC and is responsible for managing and developing the tooling used by the analysts daily.
CDC Engineering is currently a 6-person team with a target of growing to 8-10 over the next 6-12 months.
The team works according to agile/DevSecOps methods with continuous deployment and is a diverse team with different skill sets ranging from deep knowledge in SIEM-systems to coding and cloud skills. We work with orchestration in Azure DevOps using Terraform as infrastructure as code with repo in Git as the basis for code management, configuration, and deployments to our main environment in Azure.
Manager role
Your role is to lead the engineering team in their daily work, develop the team and the individuals in a formal manager role. This also includes tight cooperation with the manager of the analyst’s team and other stakeholders within H&M.
As the leader of the team, you are also expected to be a senior in the engineering field and help guide and select the best path when faced with technical choices or problems together with the team. As the team lead for engineering, you will also be part of the Cyber Defense management group.
The leadership style is according to servile leadership, enabling the team members to make decisions and grow their knowledge as a team, at the same time working towards common targets both short and long term.
As leaders, we aim to create an open and safe environment where everyone counts and can voice their opinion. We believe that diversity creates stronger teams and delivers the best results.
Technical stack used in the CDC:
Programming languages: Python


Cloud technologies: Azure & GCP
Containers: Kubernetes, Docker


SIEM/SOAR: Azure Sentinel


CICD & DevSecOps practices


GitHuib and GitHub Actions


IaC with Terraform
Deployment with Azure DevOps.



General requirements for the role
Leadership experience for engineering teams, formal or informal


Skills in team development according to agile/DevSecOps practices


Senior engineering skills, 8-10 years of experience as an engineer
High proficiency in English - verbal and written


Be able to work in an agile and dynamic environment where requirements can change based on threat landscape and incidents


Be able to be a strong representative for the team in internal and external dialogues



Nice to have
High proficiency in Swedish - verbal and written
Architectural skills regarding system architecture


Technical cyber security experience, primarily in SIEM/SOAR, SOC-ops



Technical requirements
High proficiency in at least one programming language


High proficiency in cloud, Azure or GCP
Experience of container technology in cloud, preferably Kubernetes and Docker


Experience working with CI/CD



Nice to have
Proficiency in GitHub


Proficiency in Terraform
Proficiency in Azure DevOps


Proficiency in Azure Sentinel



What we offer
Possibility to flex between working in the office and from home, 3 days in the office per week is the baseline.


Standard work hours (not affected by 24/7 operations)
A friendly work environment


To be part of building a world class Security Operation Center


Personal development