Attack Surface Reduction Analyst - H&M Group

H&M Group | Stockholm

Description : Attack Surface Reduction Analyst. Company : H&M Group. Location : Stockholm

Company Description


At H&M Group, we believe in making great design available to everyone. It’s essential in everything we do. Our family of brands — H&M, COS, Monki, Weekday, & Other Stories, H&M Home, ARKET, Afound and Itsapark — offer customers around the world a wealth of fashion, beauty, accessories and homeware, as well as modern menus with fresh and local produce at some of the brands’ in-store eateries. But design is so much more than just products; it’s about clever design processes, efficient product flows, creating experiences that enrich, and smart solutions that benefit all our customers.

Sustainability is always at the core of our business. Not only because we like to do what’s right — but it’s also beneficial for our business. We will continue to push for change and lead the way towards a more inclusive and sustainable fashion future.

Do you want to join us? We will trust you with great responsibility right from the start, reward a passionate mindset and encourage an entrepreneurial spirit. When you start a career with H&M Group, there’s no limit to where it can take you.


Job Description


Attack Surface Reduction team helps and contribute to improve the security posture of H&M by working in Agile model. We play a crucial role in proactively identifying and help in mitigating potential security risks and vulnerabilities across H&M's systems, applications, and networks, with the aim of preventing unauthorized access, data breaches, and other security incidents.

We are seeking a skilled and experienced Senior Attack Surface Reduction Analyst with a strong background in penetration testing to join our cybersecurity team. The successful candidate will be responsible for identifying potential security risks and vulnerabilities in our organization's systems, applications, and networks, performing penetration testing, and facilitating and managing third-party penetration testing engagements.


Qualifications


Responsibilities

In this role we believe you will be responsible for:

  • Conduct regular security assessments of our organization's systems, applications, and networks to identify potential security risks and vulnerabilities.
  • Perform penetration testing and vulnerability scanning to identify weaknesses in our organization's systems, applications, and networks.
  • Facilitate and manage penetration testing engagements with third-party vendors.
  • Collaborate with other members of the cybersecurity team to develop and implement strategies to reduce our attack surface.
  • Develop and maintain security policies and procedures for our organization's systems, applications, and networks.
  • Monitor our organization's systems, applications, and networks for unauthorized access, suspicious activity, and other security threats.
  • Work with other departments within our organization to implement security best practices and ensure compliance with relevant industry standards and regulations.
  • Keep up to date with the latest security threats, trends, and best practices, and make recommendations for improving our organization's security posture.

Qualifications

  • Bachelor's degree in computer science, Cybersecurity, Information Technology, or a related field.
  • Minimum of 5 years of experience in a similar role, with a focus on attack surface reduction and offensive security testing.
  • Strong knowledge of security assessment tools, vulnerability scanning, and penetration testing.
  • In-depth understanding of security best practices and industry standards, such as NIST, ISO, and CIS.
  • Excellent analytical, problem-solving, and communication skills.
  • Relevant certifications, such as SANS, OSCP, OSEP, CompTIA Security+ or CREST are a plus.

Additional Information


This is a full-time position with placement in Stockholm. If you feel that your experience, skills and ambitions are right for this role, please send your resume (no need for cover letter) latest by 2023-05-31. If any questions, please contact Talent Acquisition Partner Prianka Raina at [email protected].

We look forward to receiving your application!

H&M Group is committed to creating a Diverse & Inclusive environment and we are actively looking for qualified candidates irrespective of race, gender, gender identity, sexual orientation, ethnicity, religion, national origin, disability, or age.