Network Security Domain Architect, H&M Group

Job Description
Do you want to work with one of the fashion industry’s biggest tech transformations and develop and manage H&M Groups network security globally? Join us as our new Network Security Domain Architect!
The H&M group is on an exciting journey to meet and exceed our customers' expectations today, tomorrow and in the future. Rapid technological development and new customer behaviors are transforming the fashion retail industry. To cater the individual needs and desires of our millions of customers, we deliver technological solutions for the entire value chain for all our brands. As Network Security Domain Architect, you enable our future state information and technology capabilities, ensuring organizational resilience, stability, and operational excellence in pursuit of transforming the fashion retail industry. Nurture the entrepreneur within you, innovate with huge global impact, and work as part of our team to accelerate our business as it breaks new ground.
You will be part of the Technical Service Area Network. Our mission is to deliver a secure, intelligent, automated, innovative, and trusted network with business aligned availability, being an enabler for H&M digitalization journey to deliver great user experience. As Network Security Domain Architect, you will work from Sweden (time zone Central European Time), owning the overall responsibility for setting long-term planning for the whole H&M Network Security covering more than 5000 locations across the globe. You will work closely with the Network Domain Architect to align and establish our wanted position. Your day-to-day job will cover everything from dialogues with Enterprise Architecture functions to business stakeholders, suppliers, and close cooperation with all functions within the Technical Service Area Network as well as with the Information Risk & Security domain to ensure alignment with the overall security architecture.
Responsibilities
You will be a part of a global cross functional agile Network team of amazing professionals, working daily to set strategies and make sure that overall identified Network Security improvement activities are being executed and adapted to wanted position for the Service Area. Collaboration with stakeholders will be a part of your work and to spread the message what we are doing within the area to relevant functions that utilize our Network Security capabilities. You will, together with the team set the direction, develop, build, and manage the Network Security, transforming our legacy network to network as a code with a service layer. You will also analyze, design, develop and maintain roadmaps and implementation plans to enable future state business and digital capabilities in support of driving targeted business outcomes; ensure organizational resilience. You will have a decisive impact in how we shape the future of H&M Group’s network security and make it fit for supporting our business. Furthermore, you will:
Contextualize strategic vision and direction; conduct analysis, identify opportunities, constraints and support strategic activities related to the development and management of business domain processes, products, information, and technology
Provide leadership, perform facilitation and analysis and designs tasks required for the development/management of business domain architecture.
Create artefacts that serve as target state guidance (reusable standards, guidelines, individual parts, and configurations) and support the business domain
Identify interdependencies and use ‘holistic thinking’ to ensure the cross-team perspective when designing and implementing solutions
Work closely with, and guide, stakeholders to create alignment between business, processes and technology, review cost, benefits, risk, etc., of changes
Facilitate and orchestrate the delivery of targeted business outcomes through consultation on business domain architecture related decisions
Evaluate and drive continuous improvement, reducing technical debt, and enhancing end-to-end value business value. Work with teams to lower the total cost of ownership, develop investment plans and reduce technical debt
Participate in internal and external activities related to technology matching and selection to ensure technology choice aligns with overall tech architecture and business strategy
Facilitate best practice sharing and teach architecture thinking to engineering and delivery community
Contribute to the Technical Service Area strategy and OKRs (Objective Key Results).

Who are you? 
We believe you are a true team player who has several years of experience of global IT and complex network security environments with good understanding of Agile methodologies. You take responsibility, work proactively and continuously improve activities in complex, quickly transforming environments You will be a key player in the Technical Service Area, and we believe you are adaptable, collaborative, open-minded and able to work in a flexible environment with a non-prestigious approach. You have proven experience in designing, integrating, and supporting Network Security solutions in a multi-vendor/multi-cloud IT environment. You also have experience from working with APIs and system integrations. You can understand and visualize concepts that are not yet concrete, and use your problem-solving skills, analytic ability, creativity and customer and business drive to find a solution. Furthermore, we believe you have:
Experience in designing and best practices of Network Security solutions in a multi-vendor/multi-cloud IT environment
Knowledge of Architecture frameworks and modelling techniques
Network Security automation, orchestration, and programming experience
Experience from regulatory compliance (PCI-DSS, HIPAA, GDPR etc)
Experience of planning, design, and lifecycle management for global WAN networks (either from ISP or large IT organizations)
Deep understanding of network security solutions and technology including IPS, proxy, firewall, reverse-proxy, VPN, Zero Trust Network Access (ZTNA), Wi-Fi, micro segmentation and profiling, SASE and zero trust concepts, securing VoIP