Information Security Specialist

Company Description


We are currently looking for an Information Security Specialist to the Customer Domain in H&M Group Business Tech organization.
As an Information Security Specialist, you will be focusing on keeping H&M Group and our Customers secure. You will perform work associated with Information Security, Governance, Regulatory requirements, or Awareness, to support the product teams in the Customer Domain. The Information Security Specialist strives to safeguard the company’s tech delivery and continuously improve the security level through collaboration with multiple internal stakeholders as well as external vendors or partners.
Just like us you believe in a non-hierarchical culture of collaboration, transparency, and trust. You are a great communicator with Information Security skills in an international and diverse context.




Job Description


We have a complex and dynamic IT-environment where being able to grasp both the bigger picture and get into details is a must. Your niche is Information Security and your experience can span from having implemented technical security solutions to implementing industry standards e.g ISO 27001. Our current team is seven Security Specialists. Work tasks include:
• Support the Domain in being compliant with ISO 2700X, NIST or PCI DSS
• Support stakeholders to conduct the risk assessment for the products or solutions
• Assist teams to identify and mitigate Information and Cyber Security risks
• Support teams to manage the security controls on 3rd party vendors or suppliers
• Support stakeholders with GDPR or other privacy legislation
• Drive cyber security awareness, education and communication with stakeholders and teams in the organization
• Support in the event of a security incident
• Collaborate and support teams in the organization to achieve objectives (e.g.: business continuity) and to continuously improve security




Qualifications


• Experience working with large multicultural organization and fluency in English.
• E-commerce or retail industry experience is a big plus.
• Have a sound understanding of security principles, standards, and technologies like GDPR, PCI and ISO 27001
• A risk-based approach more than being compliance driven
• An understanding of business processes and the ability to translate them into the right need of security
• Ability to work agile even in Security
• Preferably experience of working with retail solutions and/or marketing solutions
• Qualifying is experience in e-commerce
• Qualifying is experience in working with vendors and cross-functional teams




Additional Information


If all of this sounds like it might be your kind of thing then you should get in touch. We’re more about personality and competence than qualifications, so don’t worry if your skills aren’t an entirely perfect match.
This is a fulltime position with placement in Stockholm, Sweden. You will report to the Security Competence Lead in Customer Commerce Delivery.
We will do interviews as soon as we see great applicants coming in. If you have any questions about the recruitment, please contact our recruiter – Nidhi Illman on nidhi.illman@hm.com
Why Join Us?
The H&M group’s Business Tech function aims to continuously surprise and delight our customers and accelerate our business to shape the future of sustainable fashion and design through the power of people, data and technology. You will be part of turning business challenges into innovative tech solutions – making H&M Group a global leader in combining tech, fashion and design. Being a major player gives us countless opportunities to make a real impact and shape the future. You are empowered, trusted, and challenged to explore your own path and write your own story. We believe in giving people responsibility early on, to create a strong sense of ownership and accountability. Our business is your business.