Security Engineer

As a Security Engineer youll join our central security team and work hands-on to strengthen our security posture across the organization. Youll help identify risks investigate security incidents review new solutions and work closely with technology teams to ensure security is built into everything we do.

What Youll Do

• Support projects and technology teams with security guidance and security-by-design principles.

• Conduct security reviews and risk assessments of applications platforms integrations and third-party services.

• Investigate and coordinate security incidents together with our MDR provider and internal teams.

• Monitor and analyze security events through our SIEM platform and help improve detection capabilities.

• Drive vulnerability management activities including prioritization remediation follow-up and reporting.

• Help develop and improve security controls aligned with frameworks such as ISO 27001 GDPR PCI-DSS and the EU AI Act.

• Contribute to security awareness initiatives and help promote a strong security culture across Strawberry.

What Youll Bring

• Strong communication skills in English and either Swedish or Norwegian.

• A practical and collaborative approach to solving security challenges.

• The ability to explain security risks and recommendations to both technical and non-technical stakeholders.

• Curiosity initiative and a genuine interest in cybersecurity.

What Youll Need

• Proven experience in information security cyber security or a similar security-focused role.

• Experience conducting security reviews risk assessments or security testing activities.

• Experience with incident response security monitoring or vulnerability management.

• Familiarity with SIEM platforms and security operations processes.

• Strong understanding of governance risk and compliance principles.

• Understanding of network security identity and access management (IAM) and modern security practices.

• Knowledge of security frameworks and regulations such as CIS Controls ISO 27001 GDPR PCI-DSS NIS2 or the EU AI Act.

Nice to Have

• Experience with security architecture reviews.

• Experience with software security (DevSecOps)

• Experience working with MDR or SOC providers.

• Knowledge of cloud security and modern SaaS environments.

• Experience with third-party risk management.

• Familiarity with disaster recovery and business continuity planning.

What We Offer

• Real Impact: Be part of a dynamic transformation and contribute directly to our success story.

• Empowerment: Work in a flat organization built on trust autonomy and the power of individual initiative.

• Growth & Development: Continuous opportunities to enhance your skills and advance your career.

• Fun & Community: A vibrant work environment with plenty of social events and team-building.

• Fantastic Perks: Great employee discounts (staff/friends/family rates) at all our hotels.

• Hybrid Flexibility: Enjoy the best of both worlds with our hybrid model (three days in-person at our Oslo or Stockholm HQ).

Please note:We do not offer fully remote positions. Candidates must be located in or willing to relocate to Oslo or Stockholm.