ABOUT THE POSITION

Kreditz turns raw financial data into real-time insight for credit, risk, and identity decisions across Europe. To do that safely, we must move fast without breaking trust.

We already have a solid security baseline and hardened AWS environment in place. As our first dedicated Senior Cloud Security Engineer (DevSecOps), reporting directly to the CISO, you will take us to the next level: evolving our cloud governance, pipelines, and platform so that “secure by default” is built-in, automated, and scalable.

You will sit at the intersection of Security, Engineering, and DevOps – designing the guardrails, platforms, and pipelines that let our developers ship quickly and safely.

WHAT YOU WILL DO

Your mission is to make the secure path the easiest path for our engineers while maturing our cloud governance and security posture.

You will:

• Embed “Security as Code” into our platform, pipelines, and cloud governance model.

• Evolve our AWS multi-account setup and guardrails (Organizations, SCPs, Control Tower / Landing Zone patterns).

• Design and improve secure CI/CD pipelines in GitHub Actions, including dependency and container security, SBOM, and artifact integrity (today using Aikido Security).

• Secure our current ECS Fargate workloads and help shape our future container/orchestration direction.

• Turn regulatory requirements (e.g., DORA, ISO 27001, GDPR) into pragmatic controls and automation rather than paperwork.

• You will be a key voice in how our security tech stack and our governance model evolve over time.

Success means our teams ship faster, our governance scales cleanly as we grow, and our already hardened platform becomes even harder to break.

ABOUT YOU

We focus on conceptual mastery and problem-solving, not memorising syntax.

You likely:

• Have several years in DevSecOps, Security Engineering, or Platform/SRE roles with strong security responsibilities.

• Understand AWS security deeply: IAM design, isolation between workloads, secure networking, encryption, logging and monitoring.

• Have real experience with multi-account governance (Organizations, SCPs, account baselines; Control Tower / Landing Zone is a strong plus).

• Have strong hands-on Terraform experience managing cloud infrastructure at scale and designing reusable modules.

• Have built or operated CI/CD pipelines (ideally GitHub Actions) with security built in from the start, including secrets management and artifact integrity.

• Naturally think in policies, templates, and automation (“Security as Code”) rather than manual checklists.

• Can read and write production-quality code (for example in Go, Python, or Ruby) and enjoy collaborating closely with engineers.

• Have hands-on experience with application or platform security controls (e.g., SCA/SAST/DAST, container security, threat modelling, secrets management).

If you are not sure you tick every box but have strong Terraform-based cloud/platform experience and a clear security mindset, we would still like to hear from you.

THE CISO ADVANTAGE

You report directly to the CISO, which gives you:

• Strategic influence: You help set security and risk priorities, not just execute them.

• High visibility: Your work is visible at company leadership level and directly tied to customer and regulatory outcomes.

• Low friction: Fewer layers between you and decisions – sensible security improvements can move quickly.

• First-in builder role: You set the patterns and standards that future hires will follow.

HOW WE WORK

• Office-first team based in Danderyd, Stockholm – we work together on-site five days a week.

• Culture of kindness, ownership, and a bias to action.

• Security is an enabler, not a blocker – your job is to build guardrails, not gates.

APPOINTMENT OF ROLE

As soon as possible (we are flexible for the right candidate).

SCOPE

Full-time, permanent employment (tillsvidareanställning)

SALARY

Competitive salary

REPORTING

You will report to the company's CISO

WORKPLACE

Danderyd, Stockholm

CRIMINAL RECORDS EXTRACT

As part of our recruitment process we will ask you to present a clean criminal records extract

RECRUITMENT PROCESS

Ongoing selection, we review candidates continuously.
Last day for applications 9/1-2026

CONTACT

Lorenzo Puccio, VP Strategic Operations, lorenzo@kreditz.com 

For more information about the role feel free to reach out to our CISO, Magnus Sparf, magnus.sparf@kreditz.com