Arbetsbeskrivning
We are on a journey to transform our digital capabilities, bringing core business processes, people, data & technology together - an enabler for IKEA to become an even better home furnishing retailer in the future. A journey that needs passionate people who embrace change, dare to question and want to make a difference. If that sounds like you, come and join us. Together we can do great things!
About the role
We are seeking an experienced application security leader to plan, build, roll-out and enhance maturity and effectiveness of our application security program. In this role, you will lead application security initiatives and collaborate closely with our development, engineering and product teams to embed security into every stage of the software development cycle.
More specifically in this role, you will:
Define and execute roadmap/wished position for application security, aligning with business goals and compliance requirements.
Develop, implement and continuously improve secure software development lifecycle (SSDLC) policies, standards and guidelines aligning with industry standards (like OWASP, NIST)
Collaborate with digital development, software engineering and cloud platform teams to ensure that security practices are integrated into each stage of application development and deployment process in cloud
Contribute to assessment and integration of application security tools (e.g. SAST, SCA, DAST) in CI/CD pipelines to enable continuous security testing and control validation
Identify opportunities to automate security processes in the SDLC to increase efficiency and scalability across teams.
Provide expert guidance to developers on secure coding practices, threat modelling, risk assessment and remediation of identified vulnerabilities
Contribute to the design and delivery of security awareness and training programs for software developers and engineers to promote culture of security-by-design
Support our cybersecurity and digital product teams in investigating and mitigating application security incidents and vulnerabilities, including responsible disclosures
Establish relevant metrics and KPIs and regularly report on effectiveness and maturity of application security initiatives
About you
Are you a cybersecurity professional, passionate about building and implementing application security programs? Do you have a knack for spotting trends and finding creative solutions to complex problems? If so, then come join our small but fast-growing cybersecurity team at IKEA. We're a group of bright, energetic individuals who are dedicated to making healthy and sustainable living more accessible and affordable for everyone.
As our ideal candidate, you bring in a mix of deep application security expertise, excellent stakeholder management and strategic mindset to drive application security improvements across digital product areas. You have:
8+ years’ experience in application security, secure software development or DevSecOps preferably in a large enterprise with multiple product teams
Strong understanding of secure coding practices, common application vulnerabilities and attack vectors
Experience with application threat modelling, security testing and risk assessments
Proficiency in application security tools for SAST, DAST and SCA and preferably, experience in 1 or more programming languages like Java, Javascript, Python, C#
Familiarity with DevOps and CI/CI practices and experience integrating security within CI/CD pipelines
Knowledge of secure software development frameworks, methodologies and industry practices like OWASP SAMM, NIST SSDLC
Excellent communication and stakeholder engagement skills with ability to educate and steer cross-functional teams on application security priorities
About IKEA
At IKEA, we do things a little different. We think, differently. Act, differently. And work differently as well. We like to break things. Like rules. And then make things. Like music-playing lamps. And beds disguised as sofas. Even plant balls that help us look after our planet. It’s all part of our vision - to create a better everyday life for the many. And it’s been keeping our co-workers going for over 75 years. By 2030, we hope to help millions more look forward to going home. Maybe you can help us.
Are you looking for the challenge of your life? Come on board! You can find more information about our digital journey at Technology and Digital Career Hub at IKEA
The IKEA culture and values are very much a part of our business and day to day work life. For you to thrive and grow with IKEA it’s important for us that you share our values! You can read more regarding our values and life at IKEA on our website www.ikea.com or just watch this video: https://bit.ly/ikea-what-if
About The Area
IKEA Operations Management builds up, delivers, serves and supports shared data and technology for the IKEA value chain. Together we build a digital foundation to enable our core business partners and franchisees to work more efficiently and create a rewarding customer experience in an omnichannel world. Inter IKEA is on a journey to strengthen our ability to protect the IKEA brand from cyber risks and threats by developing, enhancing and implementing a set of cybersecurity capabilities.
Questions & Support? Let’s connect.
Additional Information
The closing date for this role is 16th December, 2024.
This role is full-time (40 hours per week) and will be based in Malmö, Sweden or Delft, the Netherlands. Interested? Please send your CV in English and don’t forget to attach a cover letter, telling us why you would be a good fit for this role. We are prioritising candidates with the right to work in Sweden or the Netherlands for this role.
Please note, formal interviews are taking place for this role in early January.
We look forward to receiving your application!