Cloud Security Architect at If P&C Insurance (Solna, Sweden)

Cloud Security Architect at If P&C Insurance (Solna, Sweden)

Add To Bookmarks
Location: Solna, Sweden
Type: Full Time
Created: 2021-04-28 05:00:54

Apply Here

Cloud & DevOps CoE

Cloud & DevOps CoE is a Center of Excellence unit within If IT with the responsibility for developing if´s Public Cloud Platforms, Microsoft Azure and Google Cloud Platform as well as driving If´s DevOps adoption. The unit is focused on supporting the enablement of If´s Digitalisation Journey.

If has a strong culture of owning and developing its IT solutions. Over 1000 of our 7500 employees work with IT and we have over 30 internal development teams. These teams are increasingly deploying their solutions to Microsoft Azure, where year over year usage has grown by almost 300% in the last years.

The role

Security is an essential part of the organisation culture, and often need frequent educations and collaborations. As a Cloud Security Architect, you will be participating in both high-level architectural discussions with the platform governance teams as well as hands on with the software development teams to help them achieve secure developed solutions. You will work closely with the platform owners, IT Security as well as the Application Security Team which helps the development teams code securely. You will also work closely with the network team to make sure the overall governance and centralized solutions that are developed are aligned with the public cloud platforms overall roadmap regarding ease of use, DevOps culture and security culture.

You will be the person that the rest of the organisation relies on regarding new features in the public cloud platforms and overall guides of how the organisation develops solutions that are secured in the public cloud platforms. You will help both the platform governance teams as well as the software development teams to translate the policies, laws and guidelines produced by the IT Security and for instance EU to more comprehensible guidelines and principles to be used in practise by the development teams. You will also work together with the overall SRE team to make sure alerts are reviewed and sometimes translated into new policies, help with investigations and isolations in case needed.

Your role is extremely important in If and will require a person who likes to empower other teams and people as well as keeping a firm ground in the fundamentals of security. Negotiating business leaders and explaining why something is important and changing the culture of the organisation into a modern workplace with security as a culture.

The role is Nordic and you will be working with many different people and teams, with different mindsets and skills, which require you to be a smooth collaborator with strategic skills.

You will join a team that always has one foot in the cloud and DevOps as a mindset. DevOps is about influencing people and having an effective coaching is a big part of that success. This is what we do in a fast-paced and geographically diverse environment. The role will be key to ensure If’s digitalization journey and have a major impact on the architecture and development of current and future product and platform offerings.


  • Define the adoption of good and secure development and operations practices in If, in terms of DevOps and DevSecOps practices, environments, processes and tools

  • Be a subject matter expert in Cloud Security and be able to zoom in and out dependent on situation and team maturity

  • Provide technical and architectural guidance as well as hands-on support that support If´s digitalization journey

  • Monitor current and future trends in the Cloud Security as well as laws, risks and security threats and influence product and technology direction also incorporating the financial dimension

  • Work collaboratively across multi-disciplinary teams throughout the company as a Cloud Security subject matter expert with implementation and modernization in focus

  • Coaching and working with Cloud Engineers located in Riga

  • Coaching and working with IT Security, driving thru coaching the change to a more modern security approach

  • Coaching and working with the SRE team to manage alerts and incidents

  • Working closely with the Application Security Team to educate on best practices in the Cloud Security area

  • Participate in Architectural decisions with a Cloud Security focus


To be successful in this role, you will within the next two years have:

  • Defined a long-term roadmap and vision on how to design, deploy and operate secure cloud-based architectures

  • Strong understanding across Cloud and the services they provide

  • Preferably experience in following technologies: Microsoft Azure (cloud and architecture), Google Cloud Platform (cloud and architecture), Software development and integration (.NET), Mobile development, Databases (Cosmos/SQL/ML), Server configuration (Linux/Windows), Web Development (Angular, Web Forms, Single Page Applications), Microsoft Secure Development Lifecycle, Threat Modeling, GDPR, Common risk frameworks, common best practices, both a solid foundation in security as well as how to apply them in a modern context, OWASP, Azure Security features and tools, Network Security

  • Provide expertise for roadmaps, pre-studies and design workshops within project/program

  • Take ownership of our Platforms (Public Cloud, Monitoring and Development Tools) Security area, supporting our application lifecycle management structure and governance

  • Strong belief in automation and implementation of configuration management and continuous deployment practices

  • Establish good cooperation with our operations team in IT Baltics

As a person you are:

  • Forward-thinking, visionary and driven

  • Have a strategic mindset

  • Adept at structuring & analysing technology questions and concluding recommendations, also incorporating the financial dimension of decisions

  • Able to communicate, educate and collaborate effectively with others, and speak English fluently

  • Have strong technical knowledge in Infrastructure/Technical Architecture, preferably with concrete experience of Cloud Services for application hosting

  • You preferably hold certifications in IT Security, and in Azure such as AZ-500, CISSP, CCSP or similar.

  • You have a strong background in Security and also experience in Cloud Security and modern security challenges.

  • You understand basic Identity frameworks and how they work, as well as the difference between Authorization and Authentication.

  • Dedicated to creating an inspiring working environment for our IT units and engineering teams

  • Understands the MITRE ATT&CK framework

What will you get in this role in return?

  • An inspiring role driving adoption of emerging technologies and new ways of working in If

  • To be apart of a great team of Cloud Architects and Agile Coaches to help enable the digitalization journey

  • The opportunity to be instrumental in adoption and transformation of Infrastructure Architecture as well as supporting DevSecOps and security quality across If

  • As much freedom as possible – including the accountability that comes with it

The role will be in Stockholm and reports to the head of Cloud & DevOps CoE. Some travel will be required since the role has responsibility throughout the countries in which If operates. All applications must contain a cover letter and CV. Last date to apply is 15th of May. We will reviewing applications as they come in, so don’t wait to get yours in.

For more information regarding the position, please contact:

Viktor Junling, Head of Cloud & DevOps CoE, +46 73 422 84 40 (mail: [email protected])