Unit Manager for Cyber Security & Technology Governance, Risk & Compliance
H & M Hennes & Mauritz Gbc AB / Datajobb / Stockholm
Observera att sista ansökningsdag har passerat.
Visa alla datajobb i Stockholm,
Solna,
Lidingö,
Sundbyberg,
Danderyd eller i
hela Sverige Visa alla jobb hos H & M Hennes & Mauritz Gbc AB i Stockholm,
Solna,
Järfälla,
Värmdö,
Eskilstuna eller i
hela Sverige Company Description
H&M Group is transforming the way it addresses the continuously evolving and complex cyber security threats and risks. To do this we have created a new Tech Centre focused solely on managing Cyber Security for all our brands and majority investments. Within this Cyber Security Tech Centre, we have a unit that will focus on improving the governance of technology and cyber security related risks as well as ensuring our technology teams operate and provide solutions that comply with the relevant technology and cyber security regulations. This role reports to the Chief Technology Risk Information Officer.
As the leader of the unit, you will be energetic and highly motivated in helping others understand and become advocates for the Cyber Security GRC unit. You will help define how technology and cyber security governance, risk and compliance are embedded in everything we do. You will be responsible for ensuring all the relevant policies, procedures, guidelines, and standards are in place, co-ordinate any audits related to technology or cyber security, ensure effective controls are implemented to achieve data protection, security, resilience and ensure that we comply with relevant regulatory requirements. You will help to secure the future success of H&M.
Job Description
In this role you will be responsible for:
Contributing to the Cyber Security strategy and ensuring their team is aligned with the strategy.
Professional development of staff to ensure they have relevant skills and qualifications.
Managing the day-today activities of Governance, Risk and Compliance unit and ensuring the unit is meeting its operational and performance objectives.
Unit level budgeting, planning, roadmaps.
Supporting the organization in making security accessible, understandable, and easy.
Defining and enforcing the policies, procedures, guidelines, standards associated with the team's security specialism.
Supporting the organization during a crisis.
Acting as an ambassador for Cyber Security and promoting safe and secure practices.
Ensuring the team complies with relevant legislation or regulatory requirements.
Formal staff responsibility, including salary review, performance dialogues and support in individual development plans and competence needs.
Qualifications
We are looking for the best! You must be an expert with 8+ years of experience within cyber security and how to meaningfully apply (at a global scale) best practices and standards associated with GRC e.g., ISO27001, IS270002, NIST 800, PCI-DSS, SOC2, etc. Expertise in cyber security maturity models e.g., c2m2.Strong experience of establish and operating business continuity management based on disaster recovery standards e.g., ISO27031.To succeed in the role, you should have:
Strong experience of implementing and operating cyber security focused risk management.
Strong experience of working within QSAs, Financial Controls auditors to deliver useful independent audits of an organization or division.
You must have helped a global organization to adopt a robust and maintainable approach to modern tech or cyber security related governance, risk, and compliance. You must be a great team player, as this role works closely with our Corporate Governance colleagues who oversee all forms of risk at H&M.
Skill Requirements: - (level)
We use the Chartered Institute of Information Security Roles framework (
www.ciisec.org ). You can find out more about the skills and levels on their website.
Governance (6)
Policy & standards (6)
Information risk management (6)
Data protection (4)
Privacy (4)
Management, leadership & influence (5)
Business skills
Internal & statutory audit (6)
To Stand out, we believe you have some of the following skills/ qualifications: -
Information security strategy (5)
Innovation & business improvement (5)
Behavioral change (5)
Legal & regulatory environment & compliance (5)
Third party management (5)
Threat intelligence, Assessment & threat modelling(5)
Risk assessment (5)
Incident management, incident investigation & response (5)
Research (5)
Communication & knowledge sharing (5)
Professional development (5)
What we offer
You are joining a unique value-driven culture, a large tech network and community where you can be yourself. Besides the obvious perks such as staff discount card, learning communities, wellness benefits, parental benefits and a flexible work life, there are a lot of opportunities to experiment and grow in the direction you want. Being a major player gives us countless opportunities to make a real impact and shape the future.
H&M Group is a value-driven company that wants to lead the way to a more inclusive environment. We are committed to create an inclusive & diverse workplace with a culture that is dynamic and innovative. We welcome your application regardless of who you are, where you're from and what you like. We welcome applicants with different backgrounds, perspectives, and skills. We welcome all applicants to strengthen our innovative and diverse culture.
Learn more about our I&D work
https://youtu.be/veRbl9Cijts Additional Information
This is a full-time position based in Stockholm.
We look forward to receiving your application!
Så ansöker du Sista dag att ansöka är 2023-08-19
Klicka på denna länk för att göra din ansökan Omfattning Detta är ett heltidsjobb.
Arbetsgivare H & M Hennes & Mauritz Gbc AB (org.nr 556070-1715)
Årstaängsvägen 13 (
visa karta)
117 75 STOCKHOLM
Arbetsplats IT-Avdelning
Jobbnummer 7976219
Observera att sista ansökningsdag har passerat.