SEB

IT Security Specialist – Penetration Test Program Specialist | SEB, Sweden, Hybrid

SEB  •  Solna, SE (Hybrid)  •  5 months ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

SEB is more than just a bank with an IT function. We are a progressive tech company powered by innovation and fuelled by collaboration. From Java to AI and everything in between, we offer you an impressive tech stack and several technology paths. Together we’re innovating for a sustainable society and building the tech arena of the future, a welcoming space for everyone. Are you ready to take on a new challenge? If so, you’ll be interested in this opportunity!
About the role:As a Senior Security Specialist in our Operational Security Center (OSC), you will, together with other specialists, build and execute the SEB’s penetration testing program. You’ll design, establish, and continuously improve our yearly, risk-based program, coordinating complex engagements to ensure real risk reduction. This role covers the end-to-end lifecycle, from planning and contracting to oversight and remediation. You will set governance, streamline findings into vulnerability management, and build and run the annual pentest program, translating technical insights into actionable guidance for various stakeholders.
What You’ll DoBuild and run the annual pentest program Define scope, risk-based selection criteria, test types (manual pentest, red/purple teaming, security assessments), and yearly schedules aligned to business risk and regulatory expectations.Lead stakeholder contracting & coordination Drive contracts and Statements of Work with application teams, developers, CIF owners, and third-party testing providers; ensure clear RACI, timelines, and test constraints (e.g., production vs. non-prod, data handling).Operationalize outcomes Ensure findings are triaged, risk-rated, and tracked to closure; align with vulnerability management processes, SSDLC gates, and technology risk frameworks; publish metrics and dashboards.Governance & process improvement Maintain standards, methodologies (e.g., OWASP, PTES), and quality criteria; run program reviews, improve test quality, and evolve the service model.Enablement & communication Translate technical findings into clear, actionable guidance; brief leaders and non-technical stakeholders; coach teams on remediation patterns and secure design.

To thrive in this role, we believe you have:• Several years in cybersecurity, including some years leading pentest or security testing programs in complex, regulated environments.• Solid grasp of common attack vectors, application security, threat modelling, cloud testing, and familiarity with OWASP, MITRE ATT&CK etc. • Hands-on exposure to security tooling and pipelines (e.g., SIEM/SOAR, XDR, issue trackers, CI/CD/SSDLC).• Strong risk-based thinking, effectively aligning testing scope with business impact and regulatory needs.• Excellent communication and collaboration skills, including fluency in English and Swedish, to present confidently to diverse audiences.
What we offer:• Agile and modern ways of working• A flat hierarchy and openness to share ideas, opinions and points of views• Extensive training and learning opportunities• Long-term stability• Remote working possibilities and flexible work schedule
Do you want to be part of SEB?It is our fundamental belief that inclusion and diversity is crucial for our future success. We strive to have an inclusive, value-driven culture where employees feel valued, respected, and involved irrespective of who they are, what they believe or where they come from.
Since we select candidates continuously, feel free to send in your application today via the link in this ad, but no later than 2026-02-02 If you have questions about the position, please contact Torbjörn Askenberg, torbjorn.askenberg@seb.se, note that we will not process applications via email.
Please be aware that our final candidates undergo background checks, a process that includes for example identity control, verification of qualifications, credit checks, company engagements and history of crime. In some cases, we also apply random drug checks.
Learn more about working at SEB on our Career website or through our Career podcasts.
https://sebgroup.com/career https://bit.ly/SEBcareer
SEB Sweden has a redeployment responsibility, which is why this position might be covered by internal redeployment.
SEB

About SEB

SEB is a leading northern European financial services group with a strong belief that entrepreneurial minds and innovative companies are key in creating a better world.

SEB takes a long-term perspective and supports its customers in good times and bad. In Sweden and the Baltic countries, SEB offers financial advice and a wide range of financial services. In Denmark, Finland, Norway and Germany the bank's operations have a strong focus on corporate and investment banking based on a full-service offering to corporate and institutional clients.

The international nature of SEB's business is reflected in its presence in some 20 countries worldwide.

Read more about SEB at www.sebgroup.com

Privacy note about SEB’s processing of your personal data can be found at: www.sebgroup.com/legal-and-regulatory-information/privacy-at-seb-group

Content shared on this page may contain commercial information from SEB.

Industry
Finance & Insurance
Company Size
10,000+ employees
Headquarters
Stockholm, SE
Year Founded
1856
Website
sebgroup.com
Social Media