Are you the Center Back in Spond's Defence? 

Spond believes that sports and activities should be simple to organize and accessible to all. Our platform already serves more than 3.5 million users every month, streamlining administration, communication, and payments for teams, clubs, and volunteers worldwide. Now, we’re taking the next step with leveraging data to optimize our platform. To enhance user experiences and drive strategic decisions.

To strengthen our security posture and drive key security initiatives across the entire platform and organization we are adding a Security Engineer to our team. This is a hands-on technical role with a high level of autonomy. You will be shaping security initiatives from strategy to execution, ensuring that security is a natural part of development at Spond.

The Role

We believe relevant candidates probably have experience as Backend or perhaps DevOps Engineers, but with ambitions to develop more in the field of security. As our Security Engineer, you will be trusted as a security champion and advocate, driving best practices and executing initiatives to improve our overall security posture. You will be an integral part of the Platform Engineering team, helping to design and protect our Cloud-native environments and work towards strengthening the security posture of the organization as a whole.

Your work will involve:

• Manage and execute on Spond’s cybersecurity roadmap.
• Securing our AWS- and Kubernetes-based cloud environments.
• Defining and implementing security policies, incident response plans, and vulnerability management.
• Embedding security automation into CI/CD pipelines and the software development lifecycle (SDLC).
• Managing security components such as SIEM, Cloudflare WAF, Datadog and Istio Mesh.
• Supporting the secure implementation of AI/LLMs within the platform and organization.
• Providing security guidance for cross-functional teams, ensuring best practices are followed.
• Manage internal security awareness programs and training initiatives.

To succeed in this role, we believe you already have: 

• A strong track record of securing cloud-native environments (AWS, Kubernetes, Cloudflare, Istio) 
• Expertise in securing CI/CD and other parts of the Software Development Lifecycle (SDLC).
• Experience defining and implementing security policies, vulnerability management, and response plans.
• Experience with cloud-native technologies, such as ArgoCD, Helm and Terraform.
• Proficiency in Go, Java or another relevant programming language.
• Ability to effectively communicate security concepts to both technical and non-technical stakeholders.
• Passion for staying ahead of emerging security threats and best practices.

Bonus points for:

• Experience working in Red/Blue team security initiatives.
• Exposure to AI/LLM security best practices.
• Background in security compliance (GDPR, ISO 27001, SOC 2, etc.).
  

We Offer

• A high-impact role in a fast-growing, product-focused company.
• The opportunity to shape security strategy and initiatives at scale.
• Autonomy and influence in a collaborative engineering culture.
• A modern tech stack and the chance to work with the latest security tools and practices.
• A flexible work environment with a centrally located office in Oslo.
• Competitive salary, equity options, and strong benefits.
• Annual budget for conferences and professional development.

We review applications continuously, so don’t wait—apply today or reach out for an informal chat!