Cyber Defence Analyst
Stockholm, Stockholms län, Sweden
H&M Group
We are a family of brands, driven by our desire to make great design available to everyone in a sustainable way.Job Description
Working in the H&M Cyber Defence Centre, you will work with world class tooling for threat hunting, detection and response based on cloud technology (e.g. Azure Sentinel, Defender for Endpoint, Defender for O365, GCP SCC, Akamai, and more) with a dedicated team of DevOps engineers constantly develop tooling to support analysis, response and automations.
Our Cyber Defense Centre is the beating heart in the defence of our company, combining intelligence, monitoring, incident response and threat hunting with an engineering mindset to make the most out of people and technology.
WHAT YOU’LL DO
As a Cyber Defence Analyst in our Cyber Defense Centre team, you play a key role in H&M Group’s Cyber Defence. You understand cyber security threats and the threat landscape. You will act to detect, analyse and respond to cyber-attacks, manage incidents and reduce risk to customers, colleagues, partners and the company. You will work with the team to improve the capabilities to reduce response time but at the same time maintain quality. We are taking advantage of the latest technology in intelligence and automation. Ultimately the aim is to bring value to our business by reducing risk!
In this role you will be responsible for:
- Analyse security incidents, alerts, and events.
- Investigate incidents according to SOP: s and best practice.
- Perform remediation activities according to SOP: s and best practices.
- Interaction with key stakeholders to support investigation and remediation.
- Escalation and investigation of major incidents according to SOP:s
- Support major and crisis incident response activities.
- Improve and develop detection, whitelisting, SOP:s, and automation for incident and alert handling.
- Optimize security tools to improve monitoring and defence capabilities, including cloud security solutions.
- Conduct vulnerability assessments and collaborate with cross-functional teams to implement remediations.
Qualifications
WHO YOU ARE
- Understanding of cloud security principles and architectures across various platforms (e.g., AWS, Azure, Google Cloud, or private cloud environments).
- Proficiency in cloud-native security tools for monitoring, threat detection, and incident response.
- Proficiency in Identity and Access Management (IAM), virtualized network security, and cloud compliance standards.
- Proven experience in monitoring, analysing and responding to security incidents.
- Experience with developing custom detection in either SIEM, XDR, EDR, or NDR solutions and understands the logic behind it.
- Good understanding of networking concepts (e.g., TCP/IP, DNS, VPNs) and protocols, knowledge in packet capture analysis tools (e.g., Wireshark, TCPdump), and intrusion detection techniques.
- 2-4 years of relevant experience in roles such as SOC analyst, CSIRT member, or similar cybersecurity positions.
- Ability to work independently on incident response and collaborate effectively with other teams.
- Strong analytical and problem-solving skills
- Ability to ensure chain-of-custody protocols and report findings in a clear, detailed manner.
Additional Information
WHO WE ARE
H&M is a fashion brand that offers the latest styles and inspiration, from fashion pieces and unique designer collaborations to affordable wardrobe essentials. Our business idea is fashion & quality at the best price in a sustainable way. Learn more about H&M here.
WHY YOU’LL LOVE WORKING HERE
Benefits
We offer all our employees at H&M Group attractive benefits with extensive development opportunities around the globe. All our employees receive a staff discount card, usable on all our H&M Group brands in stores and online. Brands covered by the discount are H&M (Beauty and Move included), COS, Weekday, Monki, H&M HOME, & Other Stories, ARKET, Afound. In addition to our staff discount, all our employees are included in our H&M Incentive Program – HIP. You can read more about our H&M Incentive Program here.
In addition to our global benefits, all our local markets offer different competitive perks and benefits. Please note that they may differ between employment type and countries.
Inclusion & Diversity
H&M is a part of H&M Group. At H&M Group, we’re determined to create and maintain inclusive, diverse and equitable workplaces throughout our organisation. Our teams should consist of a variety of people that share and combine their knowledge, experience and ideas. Having a diverse workforce leads to a positive impact on how we address challenges, on what we perceive possible and on how we choose to relate to our colleagues and customers all over the world. Hence all diversity dimensions are taken into consideration in our recruitment process.
We are committed to a recruitment process that is fair, equitable, and based on competency. We therefore kindly ask you to not attach a cover letter in your application.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Azure Cloud Compliance CSIRT Cyber defense DevOps DNS EDR GCP IAM Incident response Intrusion detection Monitoring Network security Sentinel SIEM SOC TCP/IP Threat detection VPN XDR
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.