Department: Zalando Technology Foundation
Hiring Manager: Florence Mottay, VP Information Security
Team Leadership: Currently, the span of control is six (including open positions), and it will increase to seven by the end of 2025. The total team size is 26.
THE ROLE & THE TEAM
As the Director of Security Engineering and Operations you will have a broad scope, encompassing among others Zalando SE, Zalando Shenzhen, and ZEOS. You will lead several critical teams, including:
The Security Operations Center (SOC), responsible for real-time threat detection and response.
The Computer Security Incident Response Team (CSIRT), which manages incidents, conducts forensic analysis, and implements remediation.
The Cyber Threat Intelligence Team, tasked with gathering and analyzing threat intelligence.
The Detection Engineering Team, focused on developing threat detection capabilities.
The Cloud Security Infrastructure Engineering Team, ensuring the security of our cloud infrastructure.
As Zalando’s Information Security Team, our mission is to identify, protect against, detect, respond to, and recover from cyber incidents - enabling our Zalandos to work in a stable, secure, and privacy-conscious environment.
We strive to be a security team that aligns with the engineering spirit of our company: innovative, agile, and automation-driven. Our vision is to seamlessly embed security into daily operations, empowering employees with built-in, frictionless security controls. By leveraging automation and self-service solutions, we aim to enhance security without slowing down productivity, enabling a culture where security is intuitive, scalable, and an enabler of innovation.
WHAT WE’D LOVE YOU TO DO (AND LOVE DOING)
Collaborating with the CISO, security leadership and senior leadership, building and maintaining our capability to enable data and intelligence driven approach to defensive and offensive security operations
Leading cross-functional teams to develop and execute a comprehensive defensive/ offensive security strategy that aligns with Zalando’s goals and risks.
Taking ownership of both leading and coordinating resources throughout the investigation, remediation and reporting of security incidents.
Executing the defined roadmap, including automation and self-service initiatives.
Preparing Zalando to respond to cyber security incidents through the ongoing development and maintenance of the incident response plan, use cases, playbooks and other important documentation such as standard operating procedures
Planning and executing cyber security exercises, providing assurance and insights that Zalando’s preparation for responding to major cyber security incidents is sound
Enhancing Security Operations Center’s incident response capability through the identification and implementation of tools, processes, and data sources that will enable effective incident command outcomes and drive more efficient response to security incidents
Identifying and reporting the most important metrics and KPIs to measure the success of SecOps
Evaluating, implementing, and managing security technologies relevant for the SecOps scope
Leading a team of analysts and engineers, and supporting them to reach their full potential as security advocates and incident responders.
WE'D LOVE TO MEET YOU IF
You gained extensive professional experience in information security in an international, cross-functional environment.
You have proven experience in security incident management and offensive security activities in leadership roles.
You possess in-depth knowledge of security best practices, standards and regulations.
You are an experienced executive with excellent communication and stakeholder management skills, aiming to form strong relationships with director-level peers and VPs.
You are experienced in leading senior teams of security experts, including leadership of leaders.
You work collaboratively within product and internal project teams, delivering large and complex products and features.
You are an analytical thinker which enables you to analyze critical systems to understand both how to break them and defend them against attack.
OUR OFFER
Zalando provides a range of benefits, here’s an overview of what you can expect. Ask your Talent Acquisition Partner to learn more about what we offer.
Employee shares program
40% off fashion and beauty products sold and shipped by Zalando, 30% off Lounge by Zalando, discounts from external partners
2 paid volunteering days a year
Hybrid working model with up to 60% remote per week, actual practice is up to each team to best support their collaboration
Work from abroad for up to 30 working days a year
27 days of vacation a year to start for full-time employees
Relocation assistance available (subject to prior agreement)
Family services, including counseling and support
Health and wellbeing options (including Wellhub)
Mental health support and coaching available
Drive your development through our training platform and biannual peer-to-peer review
INCLUSIVE BY DESIGN
At Zalando, our vision is to be the leading pan-European ecosystem for fashion and lifestyle e-commerce - one that is inclusive by design. We only assess candidates based on qualifications, merit, and business needs. We welcome applications from people of all gender identities, sexual orientations, personal expressions, racial identities, ethnicities, religious beliefs, and disability statuses. We only want to know why you’re great for this role, so please avoid including your picture, age, and marital status in your CV as well.
We want to provide you with a great candidate experience. Please feel free to inform us of any accommodations you may need, so we can best support and assist you throughout the hiring process.
do.BETTER - our diversity & inclusion strategy: https://jobs.zalando.com/en/our-culture/diversity-and-inclusion