Cybersecurity Leader – Application Security | Operations Management

Tech & Innovation

We are on a journey to transform our digital capabilities, bringing core business processes, people, data & technology together - an enabler for IKEA to become an even better home furnishing retailer in the future. A journey that needs passionate people who embrace change, dare to question and want to make a difference. If that sounds like you, come and join us. Together we can do great things! 😊

About the role

We are seeking an experienced application security leader to plan, build, roll-out and enhance maturity and effectiveness of our application security program. In this role, you will lead application security initiatives and collaborate closely with our development, engineering and product teams to embed security into every stage of the software development cycle.

More specifically in this role, you will:

• Define and execute roadmap/wished position for application security, aligning with business goals and compliance requirements.
• Develop, implement and continuously improve secure software development lifecycle (SSDLC) policies, standards and guidelines aligning with industry standards (like OWASP, NIST)
• Collaborate with digital development, software engineering and cloud platform teams to ensure that security practices are integrated into each stage of application development and deployment process in cloud
• Contribute to assessment and integration of application security tools (e.g. SAST, SCA, DAST) in CI/CD pipelines to enable continuous security testing and control validation
• Identify opportunities to automate security processes in the SDLC to increase efficiency and scalability across teams.
• Provide expert guidance to developers on secure coding practices, threat modelling, risk assessment and remediation of identified vulnerabilities
• Contribute to the design and delivery of security awareness and training programs for software developers and engineers to promote culture of security-by-design
• Support our cybersecurity and digital product teams in investigating and mitigating application security incidents and vulnerabilities, including responsible disclosures
• Establish relevant metrics and KPIs and regularly report on effectiveness and maturity of application security initiatives

About you

Are you a cybersecurity professional, passionate about building and implementing application security programs? Do you have a knack for spotting trends and finding creative solutions to complex problems? If so, then come join our small but fast-growing cybersecurity team at IKEA. We're a group of bright, energetic individuals who are dedicated to making healthy and sustainable living more accessible and affordable for everyone.

As our ideal candidate, you bring in a mix of deep application security expertise, excellent stakeholder management and strategic mindset to drive application security improvements across digital product areas. You have:

• 8+ years’ experience in application security, secure software development or DevSecOps preferably in a large enterprise with multiple product teams
• Strong understanding of secure coding practices, common application vulnerabilities and attack vectors
• Experience with application threat modelling, security testing and risk assessments
• Proficiency in application security tools for SAST, DAST and SCA and preferably, experience in 1 or more programming languages like Java, Javascript, Python, C#
• Familiarity with DevOps and CI/CI practices and experience integrating security within CI/CD pipelines
• Knowledge of secure software development frameworks, methodologies and industry practices like OWASP SAMM, NIST SSDLC
• Excellent communication and stakeholder engagement skills with ability to educate and steer cross-functional teams on application security priorities

About IKEA

At IKEA, we do things a little different. We think, differently. Act, differently. And work differently as well. We like to break things. Like rules. And then make things. Like music-playing lamps. And beds disguised as sofas. Even plant balls that help us look after our planet. It’s all part of our vision - to create a better everyday life for the many. And it’s been keeping our co-workers going for over 75 years. By 2030, we hope to help millions more look forward to going home. Maybe you can help us.

The IKEA culture and values are very much a part of our business and day to day work life. For you to thrive and grow with IKEA it’s important for us that you share our values! You can read more regarding our values and life at IKEA on our website www.ikea.com

About The Area

IKEA Operations Management builds up, delivers, serves and supports shared data and technology for the IKEA value chain. Together we build a digital foundation to enable our core business partners and franchisees to work more efficiently and create a rewarding customer experience in an omnichannel world. Inter IKEA is on a journey to strengthen our ability to protect the IKEA brand from cyber risks and threats by developing, enhancing and implementing a set of cybersecurity capabilities.

"At IKEA, we are looking for people who believe everyone deserves a seat at the table. You’re welcome no matter where you come from, what you believe, and what you look like. We don’t even care how you have furnished your home. We’re interested in you simply because you’re you. Even if your experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. We believe that people’s different perspectives, backgrounds, and personalities make us better at understanding our customers dreams and needs. At IKEA, we’re all on the same project." Chris Ellis, Recruitment Leader