Information Security Engineer (Stockholm, SE)
At EasyPark, we love cities. We love them for work, for play and everything in between. That’s why our mission is to make life in cities that much easier – by taking care of the parking. With the use of technology, we break barriers, helping improve the urban experience. Our aim is to create a scenario where parking supply and driver demand are balanced not due to additional parking spots and fewer cars, but thanks to predictive technology that connects our users to available spots.
The Role
We’re seeking a skilled Security Engineer to strengthen our core product applications through advanced security design, code review, testing, and implementation. In this role, you’ll assess current security measures, build custom tools for enhanced controls, and collaborate with product teams to elevate their security expertise.
Key responsibilities include conducting system tests, supporting compliance, and responding quickly to security incidents. You’ll bring strong experience in application security, risk assessment, and cloud infrastructure, along with excellent communication skills to help teams adopt best security practices. If you’re passionate about building resilient, secure products, we want to hear from you!
Job Responsibilities:
- Maintaining a thorough understanding of product and infrastructure security throughout the Product and Technology ecosystem and enabling product teams in secure development and operations of their applications
- Planning, researching, and designing, and developing secure application security capabilities and CI/CD pipelines.
- Developing, reviewing, and collaborating on the configuration of cloud account configuration, network isolation, security groups, access policies, network policies, VPNs, and overall compute platform security, including both host-based and container-based workloads.
- Integrating identity management systems, digital certificates, and secrets management with application workloads.
- Reviewing vulnerabilities with teams and suggesting strategies and tactics for remediation.
- Validating security implementations and participating in remediation and risk acceptance efforts.
- Working with platform and product teams to implement disaster recovery procedures and conducting security breach drills.
- Responding quickly and effectively to all security incidents and providing post-event analyses.
- Guiding the overall security community, cultivating a sense of security awareness, and arranging for continuous education.
- Maintaining and contributing to a growing threat modeling program, and assisting teams continuous improvement in this area.
- Remaining up to date with the latest trends, standards, and products.
About you:
- A bachelor's or associate's degree in IT, computer science, or equal experience. Advanced education or training in cloud/application security is preferred.
- 5-10 years or more of experience in application development and security.
- Experience with AWS, including EKS, multi-account setups, GuardDuty, KMS, Config, SSM, CloudFront, Firewall Manager, Shield, Network Firewall, WAF, IAM, CloudTrail, Security Hub, Secrets Manager, Inspector, Global Accelerator, ELB, EC2, Athena
- A strong working knowledge of current application and infrastructure risks, secure application design, and operating systems including experience with various Linux distributions and mobile operating systems (Android and iOS).
- Experience developing solutions with Terraform, Terragrunt, and/or Crossplane.
- Experience implementing DevSecOps pipeline tools such as static application security testing (code scanning, dependency scanning, secret scanning) dynamic application security testing, interactive application security testing, container vulnerability scanning, and infrastructure vulnerability scanning
- Excellent teaching, problem-solving, communication, and interpersonal skills.
- Knowledge of multiple languages including but not limited to Java, Kotlin, JavaScript, NodeJS, Go, C-Sharp, Swift, Python, bash, and SQL
What We Offer
- Flexible ways of working: combine working from home with working from the office, whatever is agreed on within your team.
- Digital global onboarding: three days to indulge in learning & connecting with fellow new starters across the globe.
- Pension, insurances & health reimbursement: A competitive pension, in combination with the basic package of insurances
- Proactive health support: your wellbeing is important to us, which is why we offer proactive medical support, all depending on your need.
- Mental well-being support via Blue Call
- Wellness reimbursement: 5000 SEK/year