Who we are

At Ikano Bank, we believe work should feel meaningful and inspiring. Together, we create a great place to work where people are inspired to be the best they can be while contributing to a better life for our customers and the long-term success of the Bank. Guided by our Swedish heritage and values, common sense and simplicity, working together and daring to be different - we keep things straightforward and down-to-earth.

If you like the idea of being part of a team that works hard, enjoys solving challenges together and dares to do things a little differently, you will feel right at home here.

Digital is the driving force behind the bank’s technology and innovation. We deliver secure, reliable and competitive products that keep the bank ahead, while enabling growth and expansion into new markets. Digital is not just about keeping systems running - it is about shaping the future of banking. This is where technology meets opportunity, and where talent drives global impact.

About the role

We are now looking for a Security Champion to strengthen our Digital Cybersecurity, Risk & Compliance function at Ikano Bank.

In this role, you will take ownership of the Application Security domain and work closely with development teams to ensure that applications and code released into production are built with security by design.

This is a hands-on technical role where you will combine deep application security knowledge with close collaboration across development, DevOps and cybersecurity teams. You will act as a Security Champion within the organization - supporting, challenging and guiding teams in secure software development practices throughout the entire software development lifecycle.

We are looking for someone who enjoys digging into code, understanding how applications work and helping engineering teams build secure, scalable and maintainable solutions.

What you will do

• Drive and support security throughout the Software Development Lifecycle as a Security Champion

• Work closely with development teams to identify, address and mitigate security vulnerabilities in applications, code, libraries and dependencies

• Review code from a security perspective and support engineering teams with secure coding best practices and security-by-design principles

• Investigate non-functional security requirements and support implementation within development teams, platforms, products and solutions

• Work with security controls, requirement management and implementation assurance to ensure proper security implementations across applications, components and platforms

• Work with application security tooling and practices such as SAST, DAST, SCA and security orchestration tools

• Participate in threat modeling, risk modeling, security assessments, design reviews and configuration reviews to identify and address potential security threats and vulnerabilities

• Lead discussions with relevant stakeholders on how to secure applications, architectures and technical solutions

• Write shared libraries and reusable security components supporting implementation of non-functional security requirements

• Define, establish and support implementation of security requirements and controls for modules, squads and development teams

• Investigate and understand vulnerabilities in code, libraries and dependencies to assess application exposure, security posture and risk

• Stay up to date on emerging threats, technologies and modern cybersecurity practices to continuously improve the Bank’s security posture

• Support security incident management activities with application security expertise when needed

• Contribute to broader operational cybersecurity activities together with the wider security organization

We believe you have

• Several years of experience and expertise within Application Security and areas within the IT Security domain

• Experience and expertise working with modern backend development environments in Java, preferably also C#

• Previous experience working in the role as a Security Champion or in a similar engineering-near security role

• Strong technical understanding of software development and secure coding practices

• Ability to drive security requirements within modern DevSecOps environments and identify vulnerabilities as well as logical implementation issues in code

• Experience of Github, Github Actions andDocker

• Deep knowledge about Oauth2, OpenID Connect and other authentication methods

• Hands-on experience working with components within SDLC such as SAST, DAST, SCA etc.

• Experience working closely with DevOps and development organizations

• Deep knowledge of security in Lean-Agile & DevSecOps working methodologies

• Understanding of threat modeling, attack techniques and how to mitigate modern application security risks

• Experience working in hybrid environments incorporating on-premises, private & public cloud and XaaS delivery models

• Ability to translate security requirements into practical implementations, configurations and real-world development scenarios.

• Experience with threat modeling methodologies such as STRIDE

• Experience mitigating vulnerabilities related to OWASP Top 10 and SANS25

• Relevant certifications such as CISSP, CCSP, OSCP or cloud-related security certifications

• Interest and knowledge in AI-assisted development and modern development tooling

• Strong communication skills and ability to explain technical concepts to non-technical stakeholders

• Excellent verbal and writing communication skills in English

Who you are

You are someone who enjoys understanding how systems and applications work in practice and who is motivated by identifying vulnerabilities and improving security in real-world development environments.

You are collaborative, pragmatic and comfortable working close to engineering teams. You enjoy sharing knowledge, discussing technical solutions and helping others build secure applications in a practical and sustainable way.

You are likely someone who:

• enjoys solving complex technical problems,

• stays curious about the evolving cybersecurity landscape,

• and believes strong security is built together with engineering teams.

Why join us?

At Ikano Bank, you will have the opportunity to help shape and strengthen the future of Application Security within an international banking environment.

You will join a collaborative cybersecurity team where different security domains work closely together and support each other across the Bank. You will have significant ownership within your domain and play an important role in building secure-by-design practices together with our development organization.

Ready to apply?

If this sounds like your kind of challenge, we would love to hear from you!

You do not have to tick every single box. What matters most is your drive, your ideas and your willingness to grow with us.

Apply today and let us build something different together.