
Lovable · Stockholm
TL;DR We are seeking an Application Security Engineer to champion security across our entire development lifecycle. You’ll play a pivotal role in reviewing code...
TL;DR We are seeking an Application Security Engineer to champion security across our entire development lifecycle. You’ll play a
pivotal role in reviewing code, designing secure features, and mentoring engineers, ensuring security is at the heart of
everything we build. If you’re passionate about application security, thrive on close collaboration with developers, and want to
do the work of your life, this is your opportunity
Lovable lets anyone and everyone build software with any language. From solopreneurs to Fortune 100 teams, millions of people use
Lovable to transform raw ideas into real products - fast. We are at the forefront of a foundational shift in software creation,
which means you have an unprecedented opportunity to change the way the digital world works. Lovable-built applications and
websites are visited hundreds of millions of times a month, and our enterprise footprint is compounding fast. And we’re just
getting started.
We’re a small, talent-dense team building a generation-defining company from Stockholm. We value extreme ownership, high velocity,
and low-ego collaboration. We seek out people who care deeply, ship fast, and are eager to make a dent in the world.
high-growth startups, or leading AI labs.
patching, and vulnerability management.
authentication, containerized workloads, and public cloud platforms.
engineering workflows.
is embedded in product development.
And always exploring what’s next.
Join our global force of 400+ innovators, blending the latest in tech with the greatest in soundtracking, from our Stockholm HQ to offices in London, New York, Los Angeles, Berlin, Paris, Oslo, and Seoul. We’re an industry leader with a startup mentality. We take what we do seriously, but we don’t take ourselves too seriously. Creating and collaborating to transform the sound of streaming, content, and culture. Come join us, and let the world feel your work. As a Security Engineer at Epidemic Sound, you will help keep the company safe across three connected surfaces: the products our customers use, the platform our engineers build on, and the systems our employees rely on every day. This is a broad, generalist role where your work directly shapes how an industry-leading company with a startup mentality manages risk and builds securely at scale. Building security automations and custom AI agents is a normal part of how the team operates, and you will be expected to do the same. You will sit within the Business Tech Division and report to the Head of Security, working closely with engineers, SRE, IT, Legal, and People teams across the organisation. YOUR KEY RESPONSIBILITIES INCLUDE * Own the vulnerability management programme across our products, cloud, and corporate estate: discovery, prioritisation, remediation tracking, and reporting. * Consolidate findings across our detection stack into a single risk picture. * Partner with software engineers to grow the Secure Software Development Lifecycle, including code reviews, threat models, and pre-ship security input. * Harden the GCP estate, Kubernetes platform, and CI/CD systems our engineers depend on. * Run vendor security reviews and respond to enterprise customer security questionnaires. * Operate and tune the Elastic SIEM and broader detection stack, building new detections as the threat picture evolves. * Respond to security incidents including on-call, and run training exercises to keep the team ready. * Build and run security agents and automations that other engineers and the wider business rely on, treating them as production-grade software. * Evaluate AI models and frameworks against security standards. REQUIREMENTS * Around five years in security engineering, with depth in at least one of application security, infrastructure security, enterprise security, or vulnerability management, and solid breadth across the others. * Hands-on experience running or contributing to a vulnerability management programme, including prioritisation, SLA setting, remediation tracking, and reporting. * Working knowledge of SCA/SAST tooling, Internal Developer Portals, and SIEM; we use Snyk, Port, and Elastic. * Working knowledge of the security features of the major public cloud providers, with GCP preferred. * Comfort with Kubernetes, Docker, or other container architectures. * Confident with at least one programming or scripting language such as Python, Go, or Bash. * Solid experience with Git, GitHub Actions, and Terraform. * Active, daily use of AI and agentic tools, with concrete examples of agents you have built and outputs you have shipped. * Experience with vendor security questionnaires. * Familiarity with common security frameworks such as PCI DSS and NIST. IT WOULD ALSO BE MUSIC TO OUR EARS IF YOU HAVE * Penetration testing background or OWASP Top 10 fluency. * Experience with CI/CD security hardening at scale. * A track record of building security tools other engineers want to use. * Experience reporting vulnerability management and security posture metrics to leadership. * Familiarity with social engineering attacks, especially phishing, and the controls that reduce them. Equal opportunity employer We believe that bringing people together from different backgrounds, experiences and perspectives makes for a healthy workplace, a more successful business and a better world. We value diversity and encourage everyone to come and soundtrack the world with us. Application Ready to make the world feel your work? Please apply, in English.
EQT is looking for an Application & AI Cyber Security Engineer to join our Cyber Security Engineering team, owning the security posture of our hosted applications, container platforms, and AI environments. This is a hands-on engineering role where you will build automated guardrails and real-time visibility — making the secure path the easy path across a modern, globally distributed technology landscape. ABOUT THE TEAM The Cyber Security Engineering team defines and validates security standards across EQT's technology landscape. Operating as a trusted security function, the team works closely with platform engineering, cloud infrastructure, identity, and technology assurance teams to strengthen controls while enabling innovation. This role sits within a small, high-trust team where collaboration, curiosity, and technical depth are core to how we work. The team supports both traditional application environments and emerging AI and agentic platforms, helping EQT navigate a rapidly evolving threat landscape with practical, engineering-led security standards. You will report to the Head of Digital Employee Experience and partner closely with the CISO function, contributing engineering depth directly to governance and policy decisions. ABOUT THE ROLE This role brings together application security, container security, and AI security into one evolving discipline — giving you the scope to influence standards, technical controls, and governance frameworks across a global technology environment. The mandate is to build automated guardrails and observability at scale, not to review individual applications by hand. * Design and deploy automated controls for container platforms and application deployments — admission controllers, policy-as-code, and pre-configured scanning — that enforce standards at the point of deployment rather than after the fact. * A growing part of the job is enabling citizen development — making sure non-technical teams can use AI coding tools like Claude Code and CoWork without needing to come through security first, because the guardrails are already there. * Curate internal security tooling, automation, and AI skills for cost, reliability, and security posture — favouring deterministic, scripted components that run fast and cheap over token-intensive approaches, and tracking cost-per-outcome across security controls as a core operating discipline. * Own container security standards as enforceable controls: image scanning policy, runtime baselines, and registry governance across all deployment paths, including workloads outside formal pipelines. * Manage software supply chain risk end-to-end, including dependency scanning, build-time and runtime composition analysis, and identifying high-propagation risk junctions. * Build application security observability that goes beyond static inventories — a live picture of what is deployed, what it is composed of, and where risk is concentrated — and provide actionable dashboards for engineering leadership and the CISO function. * Own the security configuration of EQT's AI platforms, including hardening, access controls, data flow governance, and defences against prompt injection and data exfiltration. * Assess MCP connector risk — API call patterns, data processing terms, allowlist maintenance, and dependency chains — and evaluate new AI tools with enough technical depth to inform CISO-level approval decisions. * Define behavioural baselines for agentic execution environments and close AI-specific insider threat gaps, ensuring monitoring tools can see into AI data flows. * Collaborate with Detection & Insider Threat Engineers on container runtime telemetry, and with Identity & Cloud Security Engineers on service identity, workload access, and secrets management. TOOLS YOU'LL WORK WITH Kubernetes, CI/CD platforms, SBOM tooling, Aikido, Claude Enterprise, Claude Code, MCP, CoWork, DTEX, Datadog, policy-as-code frameworks. ABOUT YOU You are a technically grounded security engineer who cares deeply about developer experience and approaches security friction as a design problem to solve, not a trade-off to accept. You work with clarity and ownership, communicate technical findings to senior stakeholders with confidence, and are actively building your knowledge of AI and agentic security. What you'll bring (must-have): * Proven hands-on experience with container security — Kubernetes, image scanning, admission control, runtime protection, and policy-as-code. * A track record of building automated security controls that scale, with an instinct for making the right path easy and the wrong path hard rather than relying on manual review. * Solid application security fundamentals, including familiarity with OWASP Top 10, secure development lifecycle, and software supply chain risk, with an orientation toward enforcement over assessment. * Experience building security visibility into running systems through instrumentation, runtime analysis, or operational dashboards — understanding the difference between knowing what was shipped and knowing what is actually executing in production. * Active use of AI-assisted development tools in your own engineering work (such as Claude Code, GitHub Copilot, or equivalent); this role is designed around that way of working. * Early or growing experience in AI and LLM security — including prompt injection, data exfiltration, model API security, or agentic system controls — and a clear appetite to develop expertise in this space. * The ability to communicate complex technical findings clearly and concisely to senior stakeholders who will translate them into policy and governance decisions. Nice to have: * Familiarity with tools such as CrowdStrike, Aikido, Bold Security, Nightfall, Zscaler, or Lakera Guard. * Experience with MCP (Model Context Protocol), agentic frameworks, or AI platform administration. * Background working in private equity, financial services, or other environments where non-public information is a primary asset requiring protection. * Experience measuring and optimising the operational cost of security controls. * Comfort deploying and working with local open-source LLMs for automation use cases. HOW WE THINK ABOUT THIS ROLE Application security and AI security share a common threat model — data exfiltration, supply chain compromise, and the boundary between trusted and untrusted code. AI connectors that interact with hosted services sit squarely in both domains. Splitting them into separate roles at a five-person team would create seams in exactly the places attackers exploit. The role is also shaped by a bet on AI-augmented engineering. An engineer with good tooling, a real token budget, and the discipline to automate before they assess can cover ground that would have required a larger team not long ago. We've designed the headcount around that — not to cut corners, but because the best security engineering now looks like one person building excellent guardrails with AI, not several people reviewing things by hand. WHAT WE OFFER At EQT, you will work in an environment that combines high impact with high trust, contributing to security challenges that matter at a global scale. You will help shape practices in areas that are rapidly evolving across the industry — AI security, software supply chain security, and modern application platforms — with direct influence on governance decisions and engineering standards. We offer meaningful and complex work with global reach, close collaboration with experienced colleagues across security, engineering, and technology, and genuine exposure to emerging AI technologies and cloud-native platforms. EQT has a culture that values curiosity, ownership, and continuous learning, with real opportunities for professional development in a fast-moving environment. COMPENSATION & BENEFITS NOTICE We offer a competitive total rewards package including base salary, determined based on the role, experience, skill set, and location. Eligible employees may also receive discretionary incentive compensation, awarded in recognition of individual performance and company results. EQT provides a comprehensive benefits offering designed to support employee wellbeing, development, and work-life balance. Benefits include paid time off, parental leave, wellbeing and wellness support, flexible working arrangements, and learning and development opportunities. Benefits are effective from the first day of employment and may vary by location and role. Inclusion at EQT Our vision for EQT employees is to build high performing & engaged teams. Our competitive edge comes from fostering an environment where every individual feels valued, empowered, and motivated to drive business impact. Our commitment to inclusion is not just about fairness; We understand and believe that being a great place to work drives the best performance.At EQT, inclusion is a business imperative and it's embedded into our talent strategy, decision-making, and culture to ensure that every individual and team operates at their full potential. By doing so, we unlock better collaboration, stronger innovation, and superior investment outcomes. About EQT EQT is a purpose-driven global investment organization focused on active ownership strategies. With a Nordic heritage and a global mindset, EQT has a track record of over three decades of developing companies across multiple geographies, sectors and strategies. EQT has investment strategies covering all phases of a business’ development, from start-up to maturity. EQT has EUR 270 billion in total assets under management (EUR 141 billion in fee-generating assets under management), within two business segments – Private Capital and Real Assets. With its roots in the Wallenberg family’s entrepreneurial mindset and philosophy of long-term ownership, EQT is guided by a set of strong values and a distinct corporate culture. EQT manages and advises funds and vehicles that invest across the world with the mission to future-proof companies, generate attractive returns and make a positive impact with everything EQT does. EQT has offices in more than 25 countries across Europe, Asia and the Americas and has more than 1,900 employees. More info: www.eqtgroup.com Follow EQT on LinkedIn, X, YouTube and Instagram
Role Summary We are looking for a cyber security engineer to work with our future challenges of battery and thermal control systems for electrified vehicles. You will be part of a line group consisting of 18 skilled and passionate engineers within various competence areas. You will work closely and share the cyber security work responsibility with the cyber security manager. The work is conducted in a global agile landscape. You will work with cyber security artifacts such as TARA, cyber security concept, requirements, monitoring controls, reviews and more. You will carry out your own deliveries as well as support others with your expertise in cyber security topics. Our organization is highly focusing on AI usage and the role can potentially be combined with part time work on developing and prototyping AI tools that solve engineering problems and improve team productivity, supporting many different competence areas within our organization. Who You Are You have a master degree in computer science, information technology, engineering physics, electrical engineering or equivalent and +5 years of experience from working with vehicle embedded systems. Previous experience from working with either cyber security in automotive industry (ISO21434, UN ECE R155/156) or functional safety (ISO26262) is required. Domain knowledge in battery and thermal control systems is meritorious. Curiosity in AI, developing AI agents and LLM-based solutions, with solid Python programming skills to build automations, integrate APIs, and rapidly prototype tools. You are comfortable with taking lead in the work and enjoy involving your colleagues. Your problem-solving skills and your capacity to adapt to changing circumstances will be your best tool and advantage in this position. We are a large organization with a great deal of cross-functional collaboration and your skills in communication and building relationships will be appreciated. Good knowledge in English is required. This is Us At TRATON, you are part of something bigger. Together with colleagues across our global brands, you will contribute to shaping the future of sustainable transportation. We offer an environment where collaboration across teams and borders is key, giving you the opportunity to learn, grow, and make a real impact. Working at TRATON means being close to innovation, business decisions, and industry transformation — all while being supported in your professional development. You’ll benefit from competitive employment conditions, including wellness allowance, bonus, flexible working hours, and company car options. At the same time, you’ll be part of a culture that values openness, teamwork, and continuous learning. Scania Offers We offer a dynamic and engaging workplace where collaboration, innovation, and continuous improvement are part of everyday life. You will be part of a strong team environment that encourages knowledge sharing and close cooperation across functions. With a structured development plan and a wide range of training opportunities, Scania supports your professional growth both locally and internationally. Benefits include access to our health center in Gröndal or a wellness allowance, result bonus, flexible working hours, and company car leasing. Scania also arranges events for employees and their families, and for those living in Stockholm, convenient commuting is supported through direct Scania Job express buses to Södertälje. Application We look forward to receiving your application, consisting of your CV and kindly ask you not to share a cover letter to ensure an efficient and unbiased recruitment process for all parties. Apply as soon as possible, no later than 2026-07-22. Screening will take place on an ongoing basis during the application period. Logical and personality tests may be used as part of the selection process, and a background check may be required for this role. We look forward to your application!