Job ID: REF19528J

Date posted: 22/10/2024

We are on a journey to transform our digital capabilities, bringing core business processes, people, data & technology together - an enabler for IKEA to become an even better home furnishing retailer in the future. A journey that needs passionate people who embrace change, dare to question and want to make a difference. If that sounds like you, come and join us. Together we can do great things!   

About the Job

We are seeking a passionate and skilled Threat Detection Leader to join our Global Security Operations & Incident Response team at Inter IKEA. Joining us as a Cybersecurity Leader for Threat Detection, you will be reporting to the Security Operations and Incident Response Manager. You will work with a team of cyber experts to enhance our ability to detect threats within our IKEA value chain. This senior technical role will allow you to apply your passion, engage with cutting-edge cybersecurity technologies, and collaborate with cross-functional teams to achieve impactful results. 

This is a senior technical contributor role that will enable you to deliver brilliant outcomes through your expertise, motivation to learn and collaboration with the team, while being hands-on in working with the latest and greatest cyber solutions.  

In this role, you will be responsible for enhancing critical cyber defence capabilities, including the continued development of our threat monitoring and sensor networks, Threat Detection and Threat Hunting. To enhance these capabilities, you will work closely with the SOC, Cyber Threat Intelligence and Cyber Engineering functions to prioritise enhancements that address the true risks faced by Inter IKEA and the wider value chain. You will also engage in cross-organizational networks, contributing to critical topics like Protect & Prevent, Cyber and Detection Engineering. 

You will have opportunities to contribute to connected teams and topics as we work in cross organisational networks. These allow like-minded and talented individuals from different teams to come together and contribute, especially to critical topics like Cyber Engineering and Detection Engineering. 

About you    

Are you a seasoned cybersecurity expert with a passion for solving complex problems and protecting critical assets? Do you excel in spotting trends and devising innovative security solutions? If so, join our dynamic and collaborative cybersecurity team at IKEA! We're a group of bright, energetic individuals committed to making sustainable living more accessible for all. 

We are looking for a senior Cybersecurity Expert with experience in Security Operations, Cyber Engineering, and Threat Detection. 

Required Strategic Contributions: 

• Analyse threat landscape, SOC incidents and Cyber Assessment reports to identify threat detection opportunities 

• With a deep understanding of the Inter IKEA SOC monitored landscape, close the identified visibility and capability gaps 

• Enhance and lead an innovative Threat Hunting capability 

• Embed Cyber Engineering practices into relevant Threat Detection workstreams 

• Contribute to the enhancement of detection and response workflows that leverage automation and orchestration 

Required Operational Contributions: 

• Development and maintenance of high-quality detection use cases, across a wide range of detection platforms 

• Foster a close relationship with the SOC and CTI teams, to maintain a deep understanding of the incident and threat landscape that will inform Threat Detection workstreams 

• Plan and deliver proactive threat hunting covering the whole Inter IKEA landscape  

• Lead in the topic of Threat Detection through active, hands-on contributions 

To be successful in this role, you should have:  

• Demonstrable experience in both Security Operations (Detect and Respond) and connected engineering areas 

• Expertise with scripting and query languages commonly used in SecOps environments 

• Hands-on experience with SecOps tools like Splunk (or other SIEM technologies), MDE, MDO, ServiceNow SecOps (or other SOAR tooling) 

• Ability to respond to changes and manage uncertainty in a fast-changing organizational environment 

• Knowledge of cyber security frameworks and best practices like NIST CSF, MITRE ATTACK, OWASP Top 10 

We believe that you are used to managing highly confidential information and to act with a strict level of integrity and professional discretion. You are comfortable with communicating and explaining security concerns and topics, to persons with and without solid understanding of information technology. With your excellent communication skills, you have the capability to build strong relations with both internal as external stakeholders.    

About the area   

IKEA Operations Management builds up, delivers, serves and supports shared data and technology for the IKEA value chain. Together we build a digital foundation to enable our core business partners and franchisees to work more efficiently and create a rewarding customer experience in an omnichannel world. Inter IKEA is on a journey to strengthen our ability to protect the IKEA brand from cyber risks and threats by developing, enhancing and implementing a set of cybersecurity capabilities. 

This role is full-time (40 hours per week) and will be based in Malmö, Sweden or Delft, the Netherlands. Interested? Submit your CV, in English, by 5 November. Please don't hesitate to apply or connect if you have any questions, we will interview continuously during advertising. Please note for this role we are prioritising candidates with the right to work in Sweden or the Netherlands.