Application Security Engineer Biltema

ABOUT THE POSITION AND THE COMPANY

With a wide range of products for the whole family Biltema is a strong brand with more than 190 stores around the Nordic region with expansion plans for more. The success and vision are based on a simple concept that has been refined over the years; To make it easier financially for people to have a high-quality car boat home tools and leisure goods and thereby create a richer leisure time for these people. They go their own way and have therefore chosen to invest in their own operation and development of among other things systems and technical solutions. Biltema Nordic Services is a Biltema service company with various departments that together deliver a complete solution for the department stores assortment and operations. The IT department in Helsingborg delivers systems and digital solutions in collaboration with Biltemas other companies within the Group for our Nordic markets.

You will be part of a team with 9 colleagues who together with the entire IT department develop manage and support both proprietary products and systems and also well-known systems from market-leading suppliers. Together with your colleagues the mission is to develop integrate and automate Biltemas digital platforms and systems.

YOU ARE OFFERED

• To work for a company with healthy values and play an important role in the future development of Biltemas systems.
• Work in an organization with clear leadership and a clear and long-term vision.
• The opportunity to work at a well-managed and very prosperous company that values entrepreneurship and simplicity.

WORK TASKS & RESPONSIBILITIES

We are seeking a skilled Application Security Engineer with expertise in the Microsoft technology stack to join our security this role you will collaborate with developers architects and DevOps engineers to ensure secure design development and deployment of applications and services across on-premises and cloud environments (Azure). You will play a key role in identifying risks implementing secure coding practices and supporting security initiatives across the software development lifecycle:

• Conduct application security assessments penetration testing and static/dynamic analysis (SAST/DAST) using Microsoft-native and third-party tools.
• Build and maintain automated security controls in CI/CD pipelines (e.g. Azure DevOps pipelines GitHub Actions).
• Collaborate with developers to remediate vulnerabilities and promote secure coding practices C# and PowerShell.
• Partner with cloud engineers to ensure secure deployment in Microsoft Azure including use of Azure Key Vault Azure AD Microsoft Entra ID and Defender for Cloud.
• Drive adoption of security standards such as OWASP Top 10 NIST and Microsoft Secure Development Lifecycle (SDL).
• Investigate security incidents involving applications and support root cause analysis.
• Develop training documentation and guidance to uplift application security awareness across development teams.

• Bachelors degree in computer science Cybersecurity or related field (or equivalent work experience).
• 35 years of experience in application security software development or security engineering.
• Hands-on experience with Microsoft development tools: .NET C# Visual Studio Azure DevOps GitHub.
• Good knowledge with Azure cloud services Power platform Dynamics365 and their security features.
• Experience with application security testing tools (SAST DAST SCA IaC scanning).
• Knowledge of identity and access management in Microsoft ecosystems (Azure AD / Entra ID OAuth OpenID Connect).
• Strong understanding of secure coding practices and common vulnerabilities (OWASP Top 10 CWE etc.).
• Familiarity with Infrastructure as Code security (Terraform Bicep ARM templates)
• Knowledge of regulatory compliance standards (e.g. ISO 27001 PCI DSS GDPR) preferred.

ADDITIONAL INFORMATION

Start: By agreement

Working hours: Standard office hours with the possibility for hybrid work.

Location: Helsingborg

Type of employment: This assignment is a recruitment and the employment will be directly with our client. Salary terms and conditions are discussed separately.

The recruitment process is managed by A-hub. Therefore Biltema Nordic Services requests that all inquiries regarding the position be directed to A-Hub.