- Notera att ansökningsdagen för den här annonsen kan ha passerat. Läs annonsen noggrant innan du går vidare med din ansökan.
At H&M Group, we believe in making great design available to everyone. It’s essential in everything we do. Our family of brands — H&M, COS, Monki, Weekday, & Other Stories, H&M Home, ARKET, Afound and Itsapark — offer customers around the world a wealth of fashion, beauty, accessories and homeware, as well as modern menus with fresh and local produce at some of the brands’ in-store eateries.But design is so much more than just products; it’s about clever design processes, efficient product flows, creating experiences that enrich, and smart solutions that benefit all our customers.
Sustainability is always at the core of our business. Not only because we like to do what’s right — but it’s also beneficial for our business. We will continue to push for change and lead the way towards a more inclusive and sustainable fashion future.
Do you want to join us? We will trust you with great responsibility right from the start, reward a passionate mindset and encourage an entrepreneurial spirit. When you start a career with H&M Group, there’s no limit to where it can take you.
Working in the H&M Cyber Defense Center you will work with world class tooling for threat hunting, detection and response based on cloud technology (For example, Azure Sentinel, Defender for Endpoint, Defender for O365, GCP SCC, Akamai, and more) with a dedicated team of DevOps engineers constantly develop tooling to support analysis, response and automations. Our Cyber Defense Center is the beating heart in the defense of our company, combining intelligence, monitoring, incident response and threat hunting with an engineering mindset to make the most out of people and technology.
As a Cyber Security Analyst in our Cyber Defense Center, you play a key role in H&M Group’s cyber-Defense. You understand cyber security threats and the threat landscape, act to detect, analyze and respond to cyber-attacks, manage incidents and reduce risk to customers, colleagues, partners and the company. You will work with the team to improve the capabilities to reduce response time but at the same time maintain quality. We are taking advantage of the latest technology in intelligence and automation. Ultimately the aim is to bring value to our business by reducing risk!
In this role you will be responsible for:
- Analyze security incidents, alerts, and events .
- Investigate incidents according to SOP: s and best practice .
- Perform remediation activities according to SOP: s and best practice.
- Interaction with stakeholders to support investigation and remediation .
- Escalation of major incidents according to SOP: s
- Support major incident response activities.
- Improve detection, whitelisting, and automation for incident and alert handling .
- Improve and document SOP: s
- Can explain the principal requirements of major legislations and regulations relevant to information security.
- Can explain the principles of threat intelligence, modelling and assessment.
- Can explain the principles of a computer system, network and storage security architecture and how these can be used to reduce information risk.
- Can explain the main principles and processes involved in conducting a compliance monitoring exercise.
- Have experience with operating as a member of an intrusion and analysis team member.
- Have experience with Incident management, investigation and response.
- Have experience with developing custom detection in either SIEM or EDR solutions and understands the logic behind it.
- Understands local (organization or project) identity and access management policies and processes and the operation of any IAM system.
- Knowledge of network communication, cloud infra, OS and applications.
- + 3 years of experience as a Security Analyst.
- Experience with SIEM and logging environments for threat analysis, investigate, threat hunting and triage analysis on various security solutions such as firewalls, IDS, identity protection, etc.
- Experience with EDR (Endpoint Detection and Response) as part of incident response and investigation
- Understand attack mitigations and improvements related to OWASP.
- Experience with Bot Management
- Experience with Content Delivering Networks (CDN)
- Experience in network-based detection technologies like IDS/flow analysis, PCAP-analysis, etc.
- Experience in cloud-based computing on large scale (preferably Microsoft Azure, but also GCP or AWS)
- Understand of threat landscape, trends and act proactively on threat intelligence
- Good understanding of fundamental infrastructure components, network concepts, Operating Systems (Windows & Linux), intrusion, email systems, DNS, TCP/IP, etc.
- Willing to work in a team-oriented environment and flexibility to work in a demanding environment, sometimes under time-pressure
- Experience in complex incident response, investigation processes and documentation of incident cases
- Basic knowledge in PowerShell and Python.
- Curious, motivated and team player.
This is a full-time position with placement in Stockholm. If you feel that your experience, skills and ambitions are right for this role, please send your resume (no need for cover letter) latest by 2023-06-10. If any questions, please contact Talent Acquisition Partner Prianka Raina at [email protected].
We look forward to receiving your application!
H&M Group is committed to creating a Diverse & Inclusive environment and we are actively looking for qualified candidates irrespective of race, gender, gender identity, sexual orientation, ethnicity, religion, national origin, disability, or age.