PCI & Audit Officer

Company Description

Job Description

The Cyber Security & Privacy Unit is the trusted adviser to leaders and key-stakeholders. We provide a broad knowledge of Cyber Security and Data Privacy, our security and privacy strategies, architecture, policies and processes, our business and security roadmaps. We lead, secure, report and support on prioritization of Cyber Security & Privacy related matters. The Unit is also responsible for the PCI-DSS (Payment Card Industry) framework and implementation within the H&M Group.

Our mission

Our mission is to ensure the protection of our company's critical data, infrastructure, and customers from potential cyber threats. We are committed to providing expert guidance and advice to all stakeholders within the organization on best practices for mitigating cyber risks, as well as maintaining compliance with relevant laws and regulations.

Responsibilities:

• Develop, implement, and maintain the PCI-DSS compliance program.
• Coordinate and report regular audits and risk assessments to identify vulnerabilities and non-compliance issues.
• Ensure that our organization meets all regulatory requirements related to PCI-DSS.
• Work closely with our business partners to identify and mitigate risks related to the handling of payment card data.
• Provide guidance and support to business units to ensure that they are complying with PCI-DSS requirements.
• Develop and implement security policies and procedures to ensure that payment card data is secure.
• Drive and coordinate various audits within the Cyber Security space

Qualifications

Mandatory requirements, both competence and tools:

• 5+ years of experience in PCI-DSS compliance and audit in an enterprise environment.
• Strong understanding of PCI-DSS and related regulations.
• 5+ years of experience in External or Internal Audit.
• Ability to work with business partners to identify and mitigate risks.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• CISSP, CISA or other related certifications are preferred but not mandatory.

Qualifying requirements:

• Experience of e-commerce technologies is a merit
• Experience of retail business is a merit
• Experience of other data privacy laws is a merit
• Experience of working in an agile organization
• You are open minded, trustworthy and a self-motivated team player
• You have an entrepreneurial spirit, have great personal ownership, work proactively and continuously improve activities in complex, quickly transforming environments
• English, oral and written fluently
• Swedish, oral and written is meriting

Additional Information

Working with tech at H&M Group

Shaping the future of fashion with people, data, and tech. The fashion and retail industries are going through a transformation, driven by customers' technology and sustainability expectations. At H&M Group, we want to shape the future of fashion and lifestyle by harnessing the power of smart tech and data. With our 74-year history of innovation, we understand the need to collaborate and co-create with engineers and tech specialists around the world to achieve our vision.

What we offer!

You are joining a unique value-driven culture, a large tech network and community where you can be yourself. Besides the obvious perks such as staff discount card, flexible work life, learning communities, wellness benefits, parental benefits etc. There are endless opportunities to experiment and grow in any direction that you want, and when you grow, we grow. Being a major player gives us countless opportunities to make a real impact and shape the future.

This is a full-time position with placement in Stockholm