Information and Security Engineer

Information and Security Engineer in a consulting role tasked with requirements elicitation and analysis within a cross-functional agile team. The role involves ensuring needs and requirements are fulfilled, managing interfaces, interpreting regulatory frameworks, and contributing to the development, testing, and operation of IT systems with high security and compliance requirements. Responsibilities include collaborating with business teams to manage needs and interfaces, participating in development, testing, and operations, acting as a requirements engineer and analyst, performing security analyses and following internal audit processes, ensuring regulatory compliance (NIST 800-171 Rev.2, KSF 3.1, NIS2, Cyber Essentials, DSV, DR), formulating and tracking security-related requirements, managing IAM with role- and policy-based access control, conducting and supporting security testing (e.g., MITM testing), and contributing technical expertise in development, operations, and sprint-based deliveries. The role requires practical security testing experience, and strong communication in Swedish and English. The engagement is a full-time consultancy with hybrid remote work and on-site presence as needed across Vällingby, Malmö or Linköping, Sweden.