Director of Security Engineering & Operations

Department: Zalando Technology Foundation

Hiring Manager: Florence Mottay, VP Information Security

Team Leadership: Currently, the span of control is six (including open positions), and it will increase to seven by the end of 2025. The total team size is 26.

THE ROLE & THE TEAM

As the Director of Security Engineering and Operations you will have a broad scope, encompassing among others Zalando SE, Zalando Shenzhen, and ZEOS. You will lead several critical teams, including:

• The Security Operations Center (SOC), responsible for real-time threat detection and response.

• The Computer Security Incident Response Team (CSIRT), which manages incidents, conducts forensic analysis, and implements remediation.

• The Cyber Threat Intelligence Team, tasked with gathering and analyzing threat intelligence.

• The Detection Engineering Team, focused on developing threat detection capabilities.

• The Cloud Security Infrastructure Engineering Team, ensuring the security of our cloud infrastructure.

As Zalando’s Information Security Team, our mission is to identify, protect against, detect, respond to, and recover from cyber incidents - enabling our Zalandos to work in a stable, secure, and privacy-conscious environment.

We strive to be a security team that aligns with the engineering spirit of our company: innovative, agile, and automation-driven. Our vision is to seamlessly embed security into daily operations, empowering employees with built-in, frictionless security controls. By leveraging automation and self-service solutions, we aim to enhance security without slowing down productivity, enabling a culture where security is intuitive, scalable, and an enabler of innovation.

WHAT WE’D LOVE YOU TO DO (AND LOVE DOING)

• Collaborating with the CISO, security leadership and senior leadership, building and maintaining our capability to enable data and intelligence driven approach to defensive and offensive security operations

• Leading cross-functional teams to develop and execute a comprehensive defensive/ offensive security strategy that aligns with Zalando’s goals and risks.

• Taking ownership of both leading and coordinating resources throughout the investigation, remediation and reporting of security incidents.

• Executing the defined roadmap, including automation and self-service initiatives. 

• Preparing Zalando to respond to cyber security incidents through the ongoing development and maintenance of the incident response plan, use cases, playbooks and other important documentation such as standard operating procedures

• Planning and executing cyber security exercises, providing assurance and insights that Zalando’s preparation for responding to major cyber security incidents is sound

• Enhancing Security Operations Center’s incident response capability through the identification and implementation of tools, processes, and data sources that will enable effective incident command outcomes and drive more efficient response to security incidents

• Identifying and reporting the most important metrics and KPIs to measure the success of SecOps

• Evaluating, implementing, and managing security technologies relevant for the SecOps scope

• Leading a team of analysts and engineers, and supporting them to reach their full potential as security advocates and incident responders.

WE'D LOVE TO MEET YOU IF

• You gained extensive professional experience in information security in an international, cross-functional environment. 

• You have proven experience in security incident management and offensive security activities in leadership roles.

• You possess in-depth knowledge of security best practices, standards and regulations.

• You are an experienced executive with excellent communication and stakeholder management skills, aiming to form strong relationships with director-level peers and VPs. 

• You are experienced in leading senior teams of security experts, including leadership of leaders.

• You work collaboratively within product and internal project teams, delivering large and complex products and features.

• You are an analytical thinker which enables you to analyze critical systems to understand both how to break them and defend them against attack.

OUR BENEFITS

Zalando provides a range of benefits, here’s an overview of what you can expect. Learn all about Zalando and our values here: https://jobs.zalando.com/en/our-culture

• Employee shares program

• 40% off fashion and beauty products sold and shipped by Zalando, 30% off Lounge by Zalando, discounts from external partners

• 2 paid volunteering days a year

• Hybrid working model with up to 60% remote per week, actual practice is up to each team to best support their collaboration  

• Work from abroad for up to 30 working days a year

• 27 days of vacation a year to start

• Relocation assistance available 

• Family services, including counseling and support

• Health and wellbeing options (including Wellhub "Gympass")

• Free access to mental health support and coaching