Current jobs related to Senior Cyber Security Governance, Risk and Compliance Specialist - Stockholm, Stockholm - H&M Group
-
Cyber Security and Compliance Specialist
7 days ago
Stockholm, Stockholm, Sweden H&M Group Full timeCompany OverviewH&M Group is a leading fashion retailer with a strong commitment to cybersecurity and data privacy. Our Cyber Security & Privacy Unit is responsible for ensuring the protection of our company's critical data, infrastructure, and customers from potential cyber threats.Job SummaryWe are seeking a skilled Cyber Security and Compliance Specialist...
-
Stockholm, Stockholm, Sweden Spotify Full timeJob Title: Senior Security Governance, Risk, and Compliance ManagerSpotify is seeking a highly skilled Senior Security Governance, Risk, and Compliance (GRC) Manager to join the Security Studio. As a key member of the team, you will work closely with engineering teams and audit functions to drive the execution of tasks for the Security GRC Program.Key...
-
Senior Cyber Security GRC Specialist
2 weeks ago
Stockholm, Stockholm, Sweden H&M Group Full timeCyber Security GRC RoleWe are seeking a highly skilled Cyber Security GRC professional to join our team at H&M Group. As a key member of our Cyber Security GRC unit, you will play a crucial role in embedding defined standards and regulatory frameworks within information and IT security.Key Responsibilities:Develop and maintain a structured approach to cyber...
-
Stockholm, Stockholm, Sweden Spotify Full timeJob SummarySpotify is seeking a Senior Security Governance, Risk, and Compliance (GRC) Manager to join the Security Studio. The successful candidate will work closely with our engineering teams and audit functions to drive SOC 2 compliance and other compliance and information security frameworks. Key responsibilities include leading the SOC 2 compliance...
-
Senior Cyber Security Professional
3 days ago
Stockholm, Stockholm, Sweden H&M Group Full timeJob Overview We are seeking an experienced Cyber Security GRC Specialist to join our team at H&M Group. In this role, you will play a crucial part in embedding defined standards and regulatory frameworks within information and IT security to ensure risk supervision and business continuity. As a Cyber Security GRC Specialist, you will be strategically...
-
Global Information Security Manager
4 weeks ago
Stockholm, Stockholm, Sweden Intrum Full timeJob Title: Global Information Security Manager - IT Risk GovernanceAt Intrum, we're seeking a highly skilled Global Information Security Manager to join our team. As a key member of our Global Information Security function, you'll play a critical role in protecting our digital assets and managing IT risks.Key Responsibilities:Develop and maintain the IT risk...
-
Cyber Security
2 weeks ago
Stockholm, Stockholm, Sweden H&M Group Full timeJob SummaryThe Cyber Security & Privacy Unit at H&M Group is seeking a highly skilled Cyber Security & Privacy Specialist to join our team. As a key member of our team, you will be responsible for ensuring the protection of our company's critical data, infrastructure, and customers from potential cyber threats.Key ResponsibilitiesDevelop, implement, and...
-
Compliance Risk Governance Specialist
1 day ago
Stockholm, Stockholm, Sweden Nordea Bank Full timeJob Opportunity:We are seeking a highly skilled Lead Compliance Officer to join our Compliance Risk Governance team. As a key member of the team, you will play a crucial role in performing and advising on Compliance Risk identification and registration processes.About the Role:As the Lead Compliance Officer, you will be responsible for supporting the Group...
-
Global Information Security Manager
7 days ago
Stockholm, Stockholm, Sweden Intrum Full timeAt Intrum, you will contribute to the company's goal of making a difference. You will do it in a highly international environment and in a supportive culture where effort counts.The Global Information Security Manager (GISM) – IT Risk Management, plays a crucial role in our efforts to protect digital assets and manage IT risks. This vital role involves...
-
PCI Compliance Specialist
4 weeks ago
Stockholm, Stockholm, Sweden H&M Group Full timeAbout the RoleWe are seeking a highly skilled PCI Compliance Specialist to join our Cyber Security and Privacy Unit at H&M Group. As a PCI Compliance Specialist, you will be responsible for ensuring the protection of our company's critical data, infrastructure, and customers from potential cyber threats.Key ResponsibilitiesDevelop, implement, and maintain...
-
Cyber Security IAM Specialist
7 days ago
Stockholm, Stockholm, Sweden H&M Group Full timeJob DescriptionThe role of a Cyber Security IAM Analyst is to work with various departments within an organization to drive identities and access control initiatives for internal policies, regulatory compliance, and industry standards. As an IAM Analyst, you can work on different aspects of IAM, including analyst, engineer, and administrator roles.You will...
-
Cyber Security Specialist
3 days ago
Stockholm, Stockholm, Sweden Vipas AB Full timeJob Description:At Vipas AB, we're seeking a skilled Cyber Security Specialist to join our team. As a key member of our IT consulting department, you will play a crucial role in ensuring the security of our clients' information systems.About the Role:As a Cyber Security Specialist, you will work closely with our IT architects and system engineering teams to...
-
Cyber Security Specialist
3 days ago
Stockholm, Stockholm, Sweden H&M Group Full timeAbout the Role:Cyber Security Engineers at H&M Group implement security controls to ensure the confidentiality, integrity, and availability of sensitive data.Key Responsibilities:Support tech delivery teams with expert security knowledge in cloud, network security, data protection, and more.Design, build, test, deploy, and confirm security compliance for...
-
Cyber Security Manager
3 days ago
Stockholm, Stockholm, Sweden H&M Group Full timeJob SummaryWe are seeking a highly skilled Cyber Security Manager to join our team at H&M Group. As a Cyber Security Manager, you will be responsible for leading a team of cyber security professionals, driving the PCI program, and ensuring compliance with relevant laws and regulations.ResponsibilitiesLead a team of cyber security professionals driving the...
-
Cyber Security IAM Analyst CoE
2 months ago
Stockholm, Stockholm, Sweden H&M Group Full timeJob DescriptionThe role of an Identity and Access Management Analyst is to collaborate with various departments within an organization to drive identities and access control initiatives in support of internal policies, regulatory compliance, and industry standards. The IAM Analyst can work with and focus on different aspects of IAM, including analyst,...
-
Cyber Security Manager
4 weeks ago
Stockholm, Stockholm, Sweden H&M Group Full timeCyber Security & Privacy Unit LeadAbout the RoleWe are seeking a highly skilled and experienced Cyber Security & Privacy Unit Lead to join our team at H&M Group. As a key member of our Cyber Security & Privacy Unit, you will be responsible for leading a team of cyber security professionals in driving the PCI program, security-related internal and external...
-
Senior IT Auditor
2 months ago
Stockholm, Stockholm, Sweden zeroG - AI in Aviation Full timeAbout the RoleWe are seeking a highly skilled Senior IT Auditor to join our team at zeroG - AI in Aviation. As a Senior IT Auditor, you will play a critical role in assessing and mitigating technology-related risks that could impact our business operations.Key ResponsibilitiesAssess and evaluate technology-related risks, including cyber security, data...
-
Governance Specialist
1 week ago
Stockholm, Stockholm, Sweden Belmont Lavan Ltd Full timeWe are seeking a Governance Specialist to join Belmont Lavan Ltd.The ideal candidate will be responsible for maintaining effective governance processes and frameworks within the organization.Main responsibilities:Develop and implement governance policies and procedures.Conduct regular risk assessments and identify areas of improvement.Monitor compliance with...
-
Cyber Security IAM Analyst CoE
3 weeks ago
Stockholm, Stockholm, Sweden H&M Group Full timeJob DescriptionThe role of an Identity and Access Management Analyst is to work closely with various departments within an organization to drive identities and access control initiatives in support of internal policies, regulatory compliance, and industry standards.ResponsibilitiesEnforce company policies and procedures related to identity and access...
-
Cyber Security Specialist
3 weeks ago
Stockholm, Stockholm, Sweden Vipas AB Full timeAbout Vipas ABVipas AB is a leading IT consulting company that delivers tailored solutions using cutting-edge technologies. Our team is well-versed in software development, DevOps, and engineering, bringing years of experience and expertise.Job DescriptionWe are seeking a highly skilled Cyber Security Engineer to join our team. As a Cyber Security Engineer,...
Senior Cyber Security Governance, Risk and Compliance Specialist
2 months ago
Job Overview
The Cyber Security Governance, Risk and Compliance (GRC) team is integral to the H&M Group, focusing on the implementation of established standards and regulatory frameworks within the realms of information and IT security. This unit is responsible for ensuring effective risk management and business continuity, which includes auditing compliance and overseeing the identification, evaluation, and mitigation of technology and cyber security risks.
Key Focus Areas:
Governance: Develop a structured approach to cyber security by aligning processes and functions to meet organizational goals and enhance the security culture.
Risk Management: Identify, evaluate, address, and mitigate cyber security and technology risks while ensuring ongoing monitoring.
Compliance: Ensure adherence to both global and local laws, standards, and regulatory requirements in the cyber security domain.
Resilience: Maintain the ability to deliver intended outcomes despite facing challenging cyber incidents.
Collaboration is key as we work closely with various departments, continuously striving to improve our services and processes.
Our objective is to establish a cohesive, systematic, and risk-based approach that enables H&M Group to achieve a robust and resilient cyber security posture compliant with all relevant regulations. The advantages of this approach include reduced costs, minimized duplication of efforts, enhanced visibility into risks, improved data accuracy and consistency, and better alignment among stakeholders.
We are seeking four senior professionals for the GRC unit, each focusing on specific areas: In this role, you will report directly to the Unit Manager for Cyber Security GRC.
Risk Officer:
Responsible for maintaining H&M Group's Cyber Security Risk Management Framework at a global level and driving continuous risk management efforts across both enterprise and operational levels within BT Cyber Security.
Compliance Officer:
Tasked with ensuring the Cyber Security Common Control Framework (CCF) is current for all applicable markets, and strategically designing the annual Audit Plan and Program for H&M Group and its vendors.
Resilience Officer:
Focused on keeping the Cyber Security Resilience initiatives updated across the organization, employing a systematic risk-based approach that encompasses Business Continuity, Disaster Recovery, and Crisis & Incident Management.
GRC Officer:
Engaged in all GRC areas, assisting with daily operations and specific improvement initiatives and projects.
All four roles will involve:
Defining and maintaining policies, processes, and procedures, along with creating guidelines and templates. Collaborating closely with internal and external stakeholders within their areas of responsibility. Continuously seeking opportunities to enhance the effectiveness and efficiency of cyber security controls and processes.Qualifications
Candidates should possess 5-10 years of experience in cyber security and/or GRC-related roles, demonstrating expertise in their respective focus areas:
Risk Officer:
Experience in implementing risk management strategies related to cyber security, including identification, analysis, and mitigation planning at both enterprise and operational levels.
Compliance Officer:
Knowledge of legal requirements, best practices, and standards related to cyber security, with experience working alongside Qualified Security Assessors (QSA) and auditors.
Resilience Officer:
Proven ability to develop a resilient cyber security environment through business continuity and disaster recovery strategies, as well as effective incident and crisis management.
GRC Officer:
General experience in GRC-related tasks.
To excel in this role, candidates should demonstrate:
Strong experience in guiding a global organization towards a robust and sustainable approach to modern cyber security. In-depth knowledge of legal regulations, international standards, and best practices in cyber security risk management, including ISO 27000/22301/31000, NIST 800, PCI-DSS, GDPR, NIS2, DORA. Extensive experience in implementing and managing cyber security-focused controls. Strong collaboration skills, as this role requires close interaction with various internal and external stakeholders.Skill Requirements:
We utilize the Chartered Institute of Information Security (CIISEC) roles framework. Skills and levels can be found on their website.
Governance (5) Legal & Regulatory Compliance (5) Policy & Standards Development (5) Information Risk Management (5) Risk Assessment (5) Incident Management & Response (5) Innovation & Business Improvement (5) Communication & Knowledge Sharing (5)Additional Information
These positions are full-time and permanent. The work structure is hybrid.
The team offers:
Benefits
H&M Group provides attractive benefits and extensive development opportunities worldwide. Employees receive a staff discount card applicable to all H&M Group brands in stores and online. Additional local market benefits may vary based on employment type and location.
Inclusion & Diversity
H&M Group is committed to fostering inclusive, diverse, and equitable workplaces. We value a variety of perspectives and experiences, believing that diversity enhances our ability to tackle challenges and connect with colleagues and customers globally.
We aim for a fair recruitment process and kindly request that candidates refrain from attaching cover letters, as they may introduce unintentional biases.
Company Overview
H&M Group encompasses a family of brands, including H&M, COS, Weekday, Monki, H&M HOME, & Other Stories, ARKET, and Afound. Our people drive our commitment to fostering meaningful growth and promoting sustainable lifestyles. Join us in reimagining fashion and reshaping the industry.