Cloud Security Engineer

Gjensidige
Full_timeOslo, Norway

📍 Job Overview

  • Job Title: Cloud Security Engineer
  • Company: Gjensidige
  • Location: Oslo, Norway
  • Job Type: Hybrid (2 days on-site)
  • Category: DevOps, Security
  • Date Posted: June 30, 2025
  • Experience Level: Mid-level (2-5 years)
  • Remote Status: On-site with hybrid option

🚀 Role Summary

  • Collaborate with cross-functional teams to implement security measures in our cloud-based platform.
  • Enhance and further develop existing security functionalities, and explore new solutions for future security needs.
  • Ensure secure continuous delivery of value to end-users by leveraging modern cloud security practices.

💻 Primary Responsibilities

  • Cloud Security: Implement and manage security measures in our cloud-based platform, ensuring compliance with security standards and best practices.
  • Collaboration: Work closely with our platform and operations teams to integrate security into our cloud infrastructure.
  • Security Development: Develop and maintain security tools, scripts, and processes to automate security tasks and enhance our security posture.
  • Threat Analysis: Identify and mitigate potential security threats and vulnerabilities in our cloud environment.
  • Incident Response: Participate in incident response planning and execution to minimize the impact of security incidents.

🎓 Skills & Qualifications

Education: Relevant degree in Computer Science, Information Security, or a related field. Familiarity with cloud security principles and practices.

Experience: Proven experience (2-5 years) in a cloud security role or similar position. Experience with cloud platforms such as Azure, Google Cloud, or AWS is preferred.

Required Skills:

  • Proficiency in cloud security technologies and best practices.
  • Experience with Kubernetes, Grafana, Defender for Cloud, Entra ID, Sentinel, and Infrastructure as Code (IaC) tools.
  • Strong understanding of security principles, including application security, supply chain security, runtime security, identity management, access control, networking, and architecture.
  • Experience with GitHub and familiarity with programming languages.
  • Comfortable using command-line interfaces and exploring new technologies and languages.

Preferred Skills:

  • Experience with Azure, Google Cloud, or AWS.
  • Familiarity with security information and event management (SIEM) systems.
  • Knowledge of DevOps practices and CI/CD pipelines.
  • Experience with container security and secure software supply chain (SSSC) practices.

📊 Web Portfolio & Project Requirements

Portfolio Essentials:

  • Documented case studies demonstrating your experience with cloud security, including your approach to threat analysis, incident response, and security development.
  • Examples of security tools, scripts, or processes you have developed to automate security tasks.
  • Evidence of your ability to work effectively in a team environment, collaborating with developers, operations, and other stakeholders.

Technical Documentation:

  • Detailed documentation of your cloud security approach, including security policies, procedures, and standards.
  • Records of security audits, assessments, and penetration tests you have conducted or participated in.
  • Documentation of your incident response planning and execution, including post-incident analysis and lessons learned.

💵 Compensation & Benefits

Salary Range: Not specified. According to Glassdoor, the average salary for a Cloud Security Engineer in Norway is around 700,000 NOK per year. This is an estimate and may vary based on experience and qualifications.

Benefits:

  • Good pension scheme.
  • Insurance plans, including treatment insurance.
  • Employee discounts.
  • Company cabins in Norway and abroad.
  • Flexible working hours.

Working Hours: Full-time position with flexible working hours and the option to work from home up to 3 days a week.

🎯 Team & Company Context

🏢 Company Culture

Industry: Insurance.

Company Size: Large (4,700+ employees in Norway, Sweden, and Denmark).

Founded: 1938.

Team Structure:

  • The Cloud Security Engineer role is part of the IT Security team, which consists of around 30 technical professionals.
  • The team works closely with the Platform and Operations teams to ensure security is integrated into our cloud infrastructure.
  • The role reports directly to the IT Security Manager but collaborates extensively with other teams within the organization.

Development Methodology:

  • Agile/Scrum methodologies are used for cloud security development and deployment.
  • Code reviews, testing, and quality assurance practices are employed to ensure the security of our cloud environment.
  • Deployment strategies, CI/CD pipelines, and server management are critical aspects of the role.

Company Website: Gjensidige

📝 Enhancement Note: Gjensidige is a large, established insurance company with a strong focus on technology and innovation. The company has a significant presence in Norway, Sweden, and Denmark, with a strong commitment to digital transformation and cloud security.

📈 Career & Growth Analysis

Cloud Security Career Level: Mid-level. This role involves managing and enhancing cloud security in a large, complex environment, with opportunities for growth and specialization in various security domains.

Reporting Structure: The Cloud Security Engineer role reports directly to the IT Security Manager but works closely with the Platform and Operations teams. This provides opportunities for collaboration and influence on cloud security strategy and architecture.

Technical Impact: The role has a significant impact on the security of Gjensidige's cloud environment, affecting all applications and services hosted on the platform. This includes ensuring compliance with security standards, mitigating security threats, and enhancing security posture.

Growth Opportunities:

  • Technical Specialization: Deepen expertise in specific cloud security domains, such as identity and access management, network security, or cloud security architecture.
  • Team Leadership: Develop leadership skills and take on more responsibilities within the IT Security team, mentoring junior team members, and driving security initiatives.
  • Architecture Decisions: Contribute to strategic architecture decisions, shaping the future of Gjensidige's cloud security posture.

📝 Enhancement Note: Career growth in this role is driven by technical expertise, leadership potential, and the ability to make strategic architecture decisions. Opportunities for specialization and team leadership are available, with potential for progression to senior or management roles within the IT Security team.

🌐 Work Environment

Office Type: Modern, collaborative office space in central Oslo, with flexible work arrangements and remote work options.

Office Location(s): Oslo, Norway.

Workspace Context:

  • The office provides a modern, collaborative workspace with access to the latest tools and technologies.
  • Multiple monitors and testing devices are available to support cloud security development and testing.
  • The office encourages cross-functional collaboration between teams, with regular team meetings and knowledge-sharing sessions.

Work Schedule: Full-time position with flexible working hours and the option to work from home up to 3 days a week. Working hours are typically 8:00 AM to 4:00 PM, with a 30-minute lunch break.

📝 Enhancement Note: The flexible work arrangement and remote work options at Gjensidige allow for a better work-life balance and increased productivity. The collaborative office environment fosters knowledge sharing and teamwork, driving innovation and success in cloud security initiatives.

📄 Application & Technical Interview Process

Interview Process:

  1. Technical Phone Screen: A brief phone or video call to assess your technical background and cloud security experience.
  2. Technical Deep Dive: A comprehensive technical interview focusing on cloud security principles, tools, and best practices. This may include case studies, threat analysis exercises, and incident response scenarios.
  3. Behavioral Interview: An in-depth discussion of your problem-solving skills, teamwork, and adaptability in a dynamic cloud security environment.
  4. Final Decision: A review of your application materials, technical assessments, and interview performance to determine the best fit for the role.

Portfolio Review Tips:

  • Highlight your experience with cloud security, including threat analysis, incident response, and security development.
  • Showcase your ability to work effectively in a team environment, collaborating with developers, operations, and other stakeholders.
  • Demonstrate your understanding of cloud security best practices and your ability to apply them in a real-world context.

Technical Challenge Preparation:

  • Brush up on your knowledge of cloud security principles, tools, and best practices.
  • Familiarize yourself with Gjensidige's cloud environment and security requirements.
  • Prepare for case studies, threat analysis exercises, and incident response scenarios, demonstrating your problem-solving skills and technical expertise.

ATS Keywords: See the comprehensive list of relevant cloud security keywords below, organized by category.

🛠 Technology Stack & Web Infrastructure

Cloud Platforms:

  • Microsoft Azure (preferred)
  • Amazon Web Services (AWS)
  • Google Cloud Platform (GCP)

Cloud Security Tools:

  • Azure Defender for Cloud
  • Azure Sentinel
  • Azure Entra ID
  • Infrastructure as Code (IaC) tools (e.g., Terraform, Azure Resource Manager)
  • GitHub for version control and collaboration

Monitoring & Logging Tools:

  • Grafana for data visualization and monitoring
  • Azure Monitor for cloud-based monitoring and alerting
  • Azure Log Analytics for log management and analysis

Containerization & Orchestration:

  • Kubernetes for container orchestration
  • Azure Kubernetes Service (AKS) for managed Kubernetes environments

CI/CD Pipelines:

  • Azure DevOps for CI/CD and project management
  • GitHub Actions for CI/CD in a GitHub-based workflow

Programming Languages:

  • PowerShell
  • Bash
  • Python (for scripting and automation)

📝 Enhancement Note: Gjensidige's cloud security technology stack is built on Microsoft Azure, with a focus on Azure-specific tools and services. Proficiency in Azure is highly desirable, but experience with other cloud platforms such as AWS or GCP is also valuable. Familiarity with containerization, orchestration, and CI/CD pipelines is essential for success in this role.

👥 Team Culture & Values

Cloud Security Values:

  • Security First: Prioritize security in all aspects of cloud infrastructure design, deployment, and maintenance.
  • Collaboration: Work closely with other teams, including Platform, Operations, and Development, to ensure security is integrated into all aspects of cloud infrastructure.
  • Continuous Learning: Stay up-to-date with the latest cloud security trends, tools, and best practices.
  • Proactive Approach: Identify and mitigate potential security threats and vulnerabilities before they become significant issues.

Collaboration Style:

  • Cross-Functional Teamwork: Work closely with other teams to integrate security into cloud infrastructure design, deployment, and maintenance.
  • Code Review Culture: Participate in code reviews and security assessments to ensure the security of cloud infrastructure.
  • Knowledge Sharing: Share your expertise with team members and other teams, fostering a culture of continuous learning and improvement.

📝 Enhancement Note: Gjensidige's cloud security team values collaboration, continuous learning, and a proactive approach to security. The team works closely with other teams to ensure security is integrated into all aspects of cloud infrastructure, fostering a culture of shared responsibility and collective success.

⚡ Challenges & Growth Opportunities

Technical Challenges:

  • Cloud Security Evolution: Keep up with the latest cloud security trends, tools, and best practices as the cloud landscape evolves.
  • Complex Environment: Work in a large, complex cloud environment with multiple applications, services, and teams, requiring a deep understanding of cloud security principles and tools.
  • Compliance & Standards: Ensure compliance with relevant security standards, regulations, and industry best practices.
  • Incident Response: Develop and maintain incident response plans and procedures to minimize the impact of security incidents.

Learning & Development Opportunities:

  • Cloud Security Specialization: Deepen your expertise in specific cloud security domains, such as identity and access management, network security, or cloud security architecture.
  • Certifications & Training: Pursue relevant certifications, such as the Certified Information Systems Security Professional (CISSP) or Certified in Cloud Security Professional (CCSP) certifications, to enhance your cloud security knowledge and credibility.
  • Conferences & Events: Attend industry conferences, webinars, and workshops to stay up-to-date with the latest cloud security trends and best practices.

📝 Enhancement Note: The technical challenges in this role require a deep understanding of cloud security principles, tools, and best practices. The learning and development opportunities provide a path for career growth and specialization in cloud security, with the potential for progression to senior or management roles within the IT Security team.

💡 Interview Preparation

Technical Questions:

  • Cloud Security Principles: Explain the principles of least privilege, defense in depth, and the shared responsibility model in the context of cloud security.
  • Threat Analysis: Describe your approach to threat analysis, including identifying, classifying, and mitigating potential security threats in a cloud environment.
  • Incident Response: Walk through your incident response process, from detection to containment, eradication, and recovery, with a focus on minimizing downtime and data loss.
  • Security Development: Explain your approach to developing and maintaining secure cloud infrastructure, including security by design, security by default, and security by obscurity.

Company & Culture Questions:

  • Cloud Security Culture: Describe your experience working in a collaborative, cross-functional team environment, and how you have contributed to a culture of shared responsibility and collective success.
  • Cloud Security Evolution: Explain how you have adapted to changes in the cloud security landscape, and how you stay up-to-date with the latest trends, tools, and best practices.
  • Cloud Security Architecture: Discuss your experience with cloud security architecture, and how you have designed and implemented secure, scalable, and resilient cloud infrastructure.

Portfolio Presentation Strategy:

  • Cloud Security Case Studies: Present case studies demonstrating your experience with cloud security, including threat analysis, incident response, and security development.
  • Cloud Security Architecture: Showcase your ability to design and implement secure, scalable, and resilient cloud infrastructure, with a focus on security by design and security by default.
  • Cloud Security Tools: Highlight your experience with cloud security tools, including Azure Defender for Cloud, Azure Sentinel, and Azure Entra ID, and how you have used them to enhance cloud security posture.

📝 Enhancement Note: The technical interview questions focus on cloud security principles, threat analysis, incident response, and security development. The company and culture questions assess your ability to work effectively in a collaborative, cross-functional team environment and adapt to changes in the cloud security landscape. The portfolio presentation strategy emphasizes your experience with cloud security case studies, architecture, and tools.

📌 Application Steps

To apply for this Cloud Security Engineer position at Gjensidige:

  1. Tailor Your Resume: Highlight your cloud security experience, including threat analysis, incident response, and security development. Emphasize your relevant cloud security certifications, such as CISSP or CCSP, and any experience with Azure, AWS, or GCP.
  2. Prepare for Technical Phone Screen: Brush up on your cloud security knowledge, focusing on cloud security principles, tools, and best practices. Be ready to discuss your experience with cloud security in a large, complex environment.
  3. Research Gjensidige: Familiarize yourself with Gjensidige's cloud environment, security requirements, and company culture. Prepare for behavioral interview questions that assess your problem-solving skills, teamwork, and adaptability in a dynamic cloud security environment.
  4. Prepare for Technical Deep Dive: Review your cloud security case studies, architecture, and tools, focusing on your ability to design and implement secure, scalable, and resilient cloud infrastructure. Be ready to discuss your approach to threat analysis, incident response, and security development.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and cloud security industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.

Application Requirements

Candidates should have experience with various technologies such as Kubernetes and cloud platforms like Azure or AWS, along with a background in security areas. A technical background or education, preferably with a few years of experience in roles like Developer or Security Engineer, is desired.