Lead Security Engineer – Core Technology Team

Tech Innovation at Apotea
Apotea is Sweden's largest online pharmacy, committed to making healthcare products accessible and efficient for everyone. Our Tech department aims to redefine how AI and automation drive modern businesses — not by forcing AI into traditional workflows, but by creating AI-driven systems that give humans control, insight, and the ability to apply their expertise where it matters most.

The Core Technology team builds the architectural foundation supporting e-commerce, logistics, data, AI/ML, and customer experience. We ensure all development aligns with our long-term vision and contributes to Apotea's growth.

We are now looking for a Lead Security Engineer to take full ownership of Apotea's security strategy, ensure compliance, and enable teams to build and innovate securely at scale.

The Role
As Lead Security Engineer, you will define, implement, and evolve security practices across AWS (serverless-first), e-commerce, logistics, and data platforms. The role combines strategic leadership with hands-on engineering — you will implement security yourself while empowering others to do so.

You will act as the first-line technical security lead, defining guardrails, monitoring risks, and leading incident response. You will develop secure practices for coding with AI assistants, ensuring generated code meets security standards, avoids data leakage, and aligns with regulations. You will also communicate complex security concepts clearly across the organization.

Location:
Sveavägen 168, Stockholm, Sweden (On-site)

Key Responsibilities
Security Leadership

• Own and evolve Apotea's security strategy across cloud, applications, and infrastructure.
• Translate business and regulatory requirements into sustainable security practices.
• Define guardrails, best practices, and reference implementations for teams.

Hands-On Security Engineering

• Design and implement secure AWS serverless and data-driven systems.
• Lead IAM practices, enforcing least-privilege and zero-trust.
• Oversee vulnerability management, penetration testing, and patching.
• Ensure secure DevSecOps pipelines and IaC security.

Monitoring & Incident Response

• Build and operate monitoring, detection, and alerting systems (SIEM, EDR, GuardDuty, Security Hub).
• Lead incident response: investigate, contain, and recover from security events.
• Maintain and test playbooks for emerging threats.

Governance & Compliance

• Ensure GDPR, healthcare regulations, and industry standards compliance.
• Embed security and privacy by design across development.
• Partner with legal, compliance, and business units for regulatory readiness.
• Provide training and frameworks for safe AI usage without compromising security.

Collaboration & Culture

• Work closely with engineers, architects, and product teams to integrate security early.
• Mentor engineers in secure coding and infrastructure practices.
• Advocate for a strong security culture.

Qualifications

• Extensive experience as a security engineer and organization's main security expert.
• Proven expertise in securing AWS (IAM, networking, serverless, encryption, monitoring).
• Strong background in designing secure, scalable, cloud-native systems.
• Hands-on experience with SIEM, EDR, vulnerability scanners, secrets management.
• Deep knowledge in DevSecOps and IaC (CDK, Terraform, CloudFormation).
• Programming/scripting skills: Go, TypeScript, .NET, Python, or similar.

Nice to Have: experience in regulated industries, compliance frameworks (ISO 27001, NIST, PCI-DSS), or red/blue team operations.

Why Join Apotea?

• Stable company with a meaningful mission: improving healthcare accessibility.
• Work on cutting-edge AI, ML, and automation impacting millions of customers.
• Modern cloud-native technologies (serverless, AI, event-driven).
• Flat, agile organization with minimal bureaucracy.
• Career growth through training, mentorship, and conferences.
• End-to-end project ownership from concept to deployment.
• Culture of experimentation, collaboration, and innovation.

About Apotea
is Sweden's largest online pharmacy, with the country's broadest range of over 32,000 non-prescription items and nearly 19,000 prescription drugs for humans and animals. Recognized as Sweden's most sustainable e-commerce company (Sustainable Brand Index 2021), we simplify everyday life for our customers with fast deliveries and expert advice. In 2024, Apotea reached a turnover of SEK 6.5 billion and currently employs about 1,000 people across Stockholm, Lidingö, and Morgongåva.

Apotea is an inclusive employer that values diversity. We welcome all applicants and strive to create a work environment where people, regardless of background, gender, age, religion, or disability, can thrive and grow.

Recruitment Process

• Apply
• Interview: Screening
• Interview: Technical Capabilities
• Interview: Culture Fit
• Background Check: As a pharmacy, we always conduct a background check.
• Offer Presented

Application
Do not hesitate to send in your application already today. For more information or questions, visit our career page or contact us at We do not accept applications via email.

LinkedIn

Instagram

Join Us and Make a Difference -
We hope you want to be a part of our team
Submit your application today—interviews are conducted on an ongoing basis, and the position may be filled immediately. Start date by agreement.

Welcome to Apotea – where technology meets health and creates magic

Apotea är Sveriges största nätapotek med fokus på hållbarhet och snabba leveranser. Vår logistik är hjärtat i verksamheten, och vi har som mål att bli Nordens största apotek och Sveriges mest hållbara företag. Tillsammans med våra kunder har vi samlat in över 100 miljoner kronor till välgörenhet, och vi fortsätter att växa varje år – med våra medarbetare som den drivande kraften bakom framgången.