Current jobs related to Senior Cyber Security Governance, Risk and Compliance Specialist - Stockholm, Stockholm - H&M Group


  • Stockholm, Stockholm, Sweden H&M Group Full time

    Company OverviewH&M Group is a leading fashion retailer with a strong commitment to cybersecurity and data privacy. Our Cyber Security & Privacy Unit is responsible for ensuring the protection of our company's critical data, infrastructure, and customers from potential cyber threats.Job SummaryWe are seeking a skilled Cyber Security and Compliance Specialist...


  • Stockholm, Stockholm, Sweden Spotify Full time

    Job Title: Senior Security Governance, Risk, and Compliance ManagerSpotify is seeking a highly skilled Senior Security Governance, Risk, and Compliance (GRC) Manager to join the Security Studio. As a key member of the team, you will work closely with engineering teams and audit functions to drive the execution of tasks for the Security GRC Program.Key...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    Cyber Security GRC RoleWe are seeking a highly skilled Cyber Security GRC professional to join our team at H&M Group. As a key member of our Cyber Security GRC unit, you will play a crucial role in embedding defined standards and regulatory frameworks within information and IT security.Key Responsibilities:Develop and maintain a structured approach to cyber...


  • Stockholm, Stockholm, Sweden Spotify Full time

    Job SummarySpotify is seeking a Senior Security Governance, Risk, and Compliance (GRC) Manager to join the Security Studio. The successful candidate will work closely with our engineering teams and audit functions to drive SOC 2 compliance and other compliance and information security frameworks. Key responsibilities include leading the SOC 2 compliance...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    Job Overview We are seeking an experienced Cyber Security GRC Specialist to join our team at H&M Group. In this role, you will play a crucial part in embedding defined standards and regulatory frameworks within information and IT security to ensure risk supervision and business continuity. As a Cyber Security GRC Specialist, you will be strategically...


  • Stockholm, Stockholm, Sweden Intrum Full time

    Job Title: Global Information Security Manager - IT Risk GovernanceAt Intrum, we're seeking a highly skilled Global Information Security Manager to join our team. As a key member of our Global Information Security function, you'll play a critical role in protecting our digital assets and managing IT risks.Key Responsibilities:Develop and maintain the IT risk...

  • Cyber Security

    2 weeks ago


    Stockholm, Stockholm, Sweden H&M Group Full time

    Job SummaryThe Cyber Security & Privacy Unit at H&M Group is seeking a highly skilled Cyber Security & Privacy Specialist to join our team. As a key member of our team, you will be responsible for ensuring the protection of our company's critical data, infrastructure, and customers from potential cyber threats.Key ResponsibilitiesDevelop, implement, and...


  • Stockholm, Stockholm, Sweden Nordea Bank Full time

    Job Opportunity:We are seeking a highly skilled Lead Compliance Officer to join our Compliance Risk Governance team. As a key member of the team, you will play a crucial role in performing and advising on Compliance Risk identification and registration processes.About the Role:As the Lead Compliance Officer, you will be responsible for supporting the Group...


  • Stockholm, Stockholm, Sweden Intrum Full time

    At Intrum, you will contribute to the company's goal of making a difference. You will do it in a highly international environment and in a supportive culture where effort counts.The Global Information Security Manager (GISM) – IT Risk Management, plays a crucial role in our efforts to protect digital assets and manage IT risks. This vital role involves...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    About the RoleWe are seeking a highly skilled PCI Compliance Specialist to join our Cyber Security and Privacy Unit at H&M Group. As a PCI Compliance Specialist, you will be responsible for ensuring the protection of our company's critical data, infrastructure, and customers from potential cyber threats.Key ResponsibilitiesDevelop, implement, and maintain...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    Job DescriptionThe role of a Cyber Security IAM Analyst is to work with various departments within an organization to drive identities and access control initiatives for internal policies, regulatory compliance, and industry standards. As an IAM Analyst, you can work on different aspects of IAM, including analyst, engineer, and administrator roles.You will...


  • Stockholm, Stockholm, Sweden Vipas AB Full time

    Job Description:At Vipas AB, we're seeking a skilled Cyber Security Specialist to join our team. As a key member of our IT consulting department, you will play a crucial role in ensuring the security of our clients' information systems.About the Role:As a Cyber Security Specialist, you will work closely with our IT architects and system engineering teams to...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    About the Role:Cyber Security Engineers at H&M Group implement security controls to ensure the confidentiality, integrity, and availability of sensitive data.Key Responsibilities:Support tech delivery teams with expert security knowledge in cloud, network security, data protection, and more.Design, build, test, deploy, and confirm security compliance for...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    Job SummaryWe are seeking a highly skilled Cyber Security Manager to join our team at H&M Group. As a Cyber Security Manager, you will be responsible for leading a team of cyber security professionals, driving the PCI program, and ensuring compliance with relevant laws and regulations.ResponsibilitiesLead a team of cyber security professionals driving the...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    Job DescriptionThe role of an Identity and Access Management Analyst is to collaborate with various departments within an organization to drive identities and access control initiatives in support of internal policies, regulatory compliance, and industry standards. The IAM Analyst can work with and focus on different aspects of IAM, including analyst,...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    Cyber Security & Privacy Unit LeadAbout the RoleWe are seeking a highly skilled and experienced Cyber Security & Privacy Unit Lead to join our team at H&M Group. As a key member of our Cyber Security & Privacy Unit, you will be responsible for leading a team of cyber security professionals in driving the PCI program, security-related internal and external...

  • Senior IT Auditor

    2 months ago


    Stockholm, Stockholm, Sweden zeroG - AI in Aviation Full time

    About the RoleWe are seeking a highly skilled Senior IT Auditor to join our team at zeroG - AI in Aviation. As a Senior IT Auditor, you will play a critical role in assessing and mitigating technology-related risks that could impact our business operations.Key ResponsibilitiesAssess and evaluate technology-related risks, including cyber security, data...


  • Stockholm, Stockholm, Sweden Belmont Lavan Ltd Full time

    We are seeking a Governance Specialist to join Belmont Lavan Ltd.The ideal candidate will be responsible for maintaining effective governance processes and frameworks within the organization.Main responsibilities:Develop and implement governance policies and procedures.Conduct regular risk assessments and identify areas of improvement.Monitor compliance with...


  • Stockholm, Stockholm, Sweden H&M Group Full time

    Job DescriptionThe role of an Identity and Access Management Analyst is to work closely with various departments within an organization to drive identities and access control initiatives in support of internal policies, regulatory compliance, and industry standards.ResponsibilitiesEnforce company policies and procedures related to identity and access...


  • Stockholm, Stockholm, Sweden Vipas AB Full time

    About Vipas ABVipas AB is a leading IT consulting company that delivers tailored solutions using cutting-edge technologies. Our team is well-versed in software development, DevOps, and engineering, bringing years of experience and expertise.Job DescriptionWe are seeking a highly skilled Cyber Security Engineer to join our team. As a Cyber Security Engineer,...

Senior Cyber Security Governance, Risk and Compliance Specialist

2 months ago


Stockholm, Stockholm, Sweden H&M Group Full time

Job Overview

The Cyber Security Governance, Risk and Compliance (GRC) team is integral to the H&M Group, focusing on the implementation of established standards and regulatory frameworks within the realms of information and IT security. This unit is responsible for ensuring effective risk management and business continuity, which includes auditing compliance and overseeing the identification, evaluation, and mitigation of technology and cyber security risks.

Key Focus Areas:

Governance: Develop a structured approach to cyber security by aligning processes and functions to meet organizational goals and enhance the security culture.

Risk Management: Identify, evaluate, address, and mitigate cyber security and technology risks while ensuring ongoing monitoring.

Compliance: Ensure adherence to both global and local laws, standards, and regulatory requirements in the cyber security domain.

Resilience: Maintain the ability to deliver intended outcomes despite facing challenging cyber incidents.

Collaboration is key as we work closely with various departments, continuously striving to improve our services and processes.

Our objective is to establish a cohesive, systematic, and risk-based approach that enables H&M Group to achieve a robust and resilient cyber security posture compliant with all relevant regulations. The advantages of this approach include reduced costs, minimized duplication of efforts, enhanced visibility into risks, improved data accuracy and consistency, and better alignment among stakeholders.

We are seeking four senior professionals for the GRC unit, each focusing on specific areas: In this role, you will report directly to the Unit Manager for Cyber Security GRC.

Risk Officer:
Responsible for maintaining H&M Group's Cyber Security Risk Management Framework at a global level and driving continuous risk management efforts across both enterprise and operational levels within BT Cyber Security.

Compliance Officer:
Tasked with ensuring the Cyber Security Common Control Framework (CCF) is current for all applicable markets, and strategically designing the annual Audit Plan and Program for H&M Group and its vendors.

Resilience Officer:
Focused on keeping the Cyber Security Resilience initiatives updated across the organization, employing a systematic risk-based approach that encompasses Business Continuity, Disaster Recovery, and Crisis & Incident Management.

GRC Officer:
Engaged in all GRC areas, assisting with daily operations and specific improvement initiatives and projects.

All four roles will involve:

Defining and maintaining policies, processes, and procedures, along with creating guidelines and templates. Collaborating closely with internal and external stakeholders within their areas of responsibility. Continuously seeking opportunities to enhance the effectiveness and efficiency of cyber security controls and processes.

Qualifications

Candidates should possess 5-10 years of experience in cyber security and/or GRC-related roles, demonstrating expertise in their respective focus areas:

Risk Officer:
Experience in implementing risk management strategies related to cyber security, including identification, analysis, and mitigation planning at both enterprise and operational levels.

Compliance Officer:
Knowledge of legal requirements, best practices, and standards related to cyber security, with experience working alongside Qualified Security Assessors (QSA) and auditors.

Resilience Officer:
Proven ability to develop a resilient cyber security environment through business continuity and disaster recovery strategies, as well as effective incident and crisis management.

GRC Officer:
General experience in GRC-related tasks.

To excel in this role, candidates should demonstrate:

Strong experience in guiding a global organization towards a robust and sustainable approach to modern cyber security. In-depth knowledge of legal regulations, international standards, and best practices in cyber security risk management, including ISO 27000/22301/31000, NIST 800, PCI-DSS, GDPR, NIS2, DORA. Extensive experience in implementing and managing cyber security-focused controls. Strong collaboration skills, as this role requires close interaction with various internal and external stakeholders.

Skill Requirements:

We utilize the Chartered Institute of Information Security (CIISEC) roles framework. Skills and levels can be found on their website.

Governance (5) Legal & Regulatory Compliance (5) Policy & Standards Development (5) Information Risk Management (5) Risk Assessment (5) Incident Management & Response (5) Innovation & Business Improvement (5) Communication & Knowledge Sharing (5)

Additional Information

These positions are full-time and permanent. The work structure is hybrid.
The team offers:

An opportunity to work within one of the world's leading fashion groups. A significant chance to enhance cyber security on a global scale. Opportunities for professional and personal development through educational programs and networking.

Benefits

H&M Group provides attractive benefits and extensive development opportunities worldwide. Employees receive a staff discount card applicable to all H&M Group brands in stores and online. Additional local market benefits may vary based on employment type and location.

Inclusion & Diversity

H&M Group is committed to fostering inclusive, diverse, and equitable workplaces. We value a variety of perspectives and experiences, believing that diversity enhances our ability to tackle challenges and connect with colleagues and customers globally.

We aim for a fair recruitment process and kindly request that candidates refrain from attaching cover letters, as they may introduce unintentional biases.

Company Overview

H&M Group encompasses a family of brands, including H&M, COS, Weekday, Monki, H&M HOME, & Other Stories, ARKET, and Afound. Our people drive our commitment to fostering meaningful growth and promoting sustainable lifestyles. Join us in reimagining fashion and reshaping the industry.