Job Title: Application Security Engineer 

Location: Helsingborg Sweden, Hybrid 

Company: Biltema Nordic Services 

About Us:

With a wide range of products for the whole family, Biltema is a strong brand with more than 190 stores around the Nordic region, with expansion plans for more. The success and vision are based on a simple concept that has been refined over the years; To make it easier financially for people to have a high-quality car, boat, home, tools and leisure goods and thereby create a richer leisure time for these people. They go their own way and have therefore chosen to invest in their own operation and development of, among other things, systems, and technical solutions. Biltema Nordic Services is a Biltema service company with various departments that together deliver a complete solution for the department stores' assortment and operations. The IT department in Helsingborg delivers systems and digital solutions in collaboration with Biltema's other companies within the Group for our Nordic markets. 

You will be part of a team which, together with the entire IT department, develop, manage, and support both proprietary products and systems, and also well-known systems from market-leading suppliers. Together with your colleagues, the mission is to develop, integrate, automate and secure Biltema's digital platforms and systems. 

Job Description: 

We are seeking a skilled Application Security Engineer with expertise in the Microsoft technology stack to join our security team. In this role, you will collaborate with developers, architects, and DevOps engineers to ensure secure design, development, and deployment of applications and services across on-premises and cloud environments (Azure). You will play a key role in identifying risks, implementing secure coding practices, and supporting security initiatives across the software development lifecycle. 

Key Responsibilities: 

• Embed security best practices into the SDLC/DevSecOps pipelines using Microsoft technologies (Azure DevOps, GitHub, Visual Studio, .NET). 
• Perform threat modeling, design reviews, and code reviews to identify and mitigate security risks. 
• Conduct application security assessments, penetration testing, and static/dynamic analysis (SAST/DAST) using Microsoft-native and third-party tools. 
• Build and maintain automated security controls in CI/CD pipelines (e.g., Azure DevOps pipelines, GitHub Actions). 
• Collaborate with developers to remediate vulnerabilities and promote secure coding practices in .NET, C#, and PowerShell. 
• Partner with cloud engineers to ensure secure deployment in Microsoft Azure, including use of Azure Key Vault, Azure AD, Microsoft Entra ID, and Defender for Cloud. 
• Drive adoption of security standards such as OWASP Top 10, NIST, and Microsoft Secure Development Lifecycle (SDL). 
• Investigate security incidents involving applications and support root cause analysis. 
• Develop training, documentation, and guidance to uplift application security awareness across development teams. 

Requirements: 

• Bachelor's degree in computer science, Cybersecurity, or related field (or equivalent work experience). 
• 3–5+ years of experience in application security, software development, or security engineering. 
• Hands-on experience with Microsoft development tools: .NET, C#, Visual Studio, Azure DevOps, GitHub. 
• Good knowledge with Azure cloud services, Power platform, Dynamics365 and their security features. 
• Experience with application security testing tools (SAST, DAST, SCA, IaC scanning). 
• Knowledge of identity and access management in Microsoft ecosystems (Azure AD / Entra ID, OAuth, OpenID Connect). 
• Strong understanding of secure coding practices and common vulnerabilities (OWASP Top 10, CWE, etc.). 
• Familiarity with Infrastructure as Code security (Terraform, Bicep, ARM templates) 
• Knowledge of regulatory compliance standards (e.g., ISO 27001, PCI DSS, GDPR) preferred. 

Benefits: 

• Competitive salary and benefits package 
• Opportunities for career growth and advancement 
• A collaborative and supportive work environment 
• Possibility to work from home two days a week 

Join our team at Biltema Nordic Services and play a key role in driving the success of our global IT security team!