As a Security Engineer, you'll join our central security team and work hands-on to strengthen our security posture across the organization. You'll help identify risks, investigate security incidents, review new solutions, and work closely with technology teams to ensure security is built into everything we do.
Support projects and technology teams with security guidance and security-by-design principles.
Conduct security reviews and risk assessments of applications, platforms, integrations, and third-party services.
Investigate and coordinate security incidents together with our MDR provider and internal teams.
Monitor and analyze security events through our SIEM platform and help improve detection capabilities.
Drive vulnerability management activities, including prioritization, remediation follow-up, and reporting.
Help develop and improve security controls aligned with frameworks such as ISO 27001, GDPR, PCI-DSS and the EU AI Act.
Contribute to security awareness initiatives and help promote a strong security culture across Strawberry.
Strong communication skills in English and either Swedish or Norwegian.
A practical and collaborative approach to solving security challenges.
The ability to explain security risks and recommendations to both technical and non-technical stakeholders.
Curiosity, initiative, and a genuine interest in cybersecurity.
Proven experience in information security, cyber security, or a similar security-focused role.
Experience conducting security reviews, risk assessments, or security testing activities.
Experience with incident response, security monitoring, or vulnerability management.
Familiarity with SIEM platforms and security operations processes.
Strong understanding of governance, risk, and compliance principles.
Understanding of network security, identity and access management (IAM), and modern security practices.
Knowledge of security frameworks and regulations such as CIS Controls, ISO 27001, GDPR, PCI-DSS, NIS2, or the EU AI Act.
Experience with security architecture reviews.
Experience with software security (DevSecOps)
Experience working with MDR or SOC providers.
Knowledge of cloud security and modern SaaS environments.
Experience with third-party risk management.
Familiarity with disaster recovery and business continuity planning.
Real Impact: Be part of a dynamic transformation and contribute directly to our success story.
Empowerment: Work in a flat organization built on trust, autonomy, and the power of individual initiative.
Growth & Development: Continuous opportunities to enhance your skills and advance your career.
Fun & Community: A vibrant work environment with plenty of social events and team-building.
Fantastic Perks: Great employee discounts (staff/friends/family rates) at all our hotels.
Hybrid Flexibility: Enjoy the best of both worlds with our hybrid model (three days in-person at our Oslo or Stockholm HQ).
Please note: We do not offer fully remote positions. Candidates must be located in, or willing to relocate to, Oslo or Stockholm.
