Do you have a passion for Cyber Security and uncovering innovative detection capabilities?In Swedbank you have the opportunity to:

• Work in Swedbanks Cyber Defense Center (CDC) with protecting the bank against cyber threats and solving cyber security incidents.
• Work closely with CDC specialists in Incident Response, Threat Intel and Threat Hunting to operationalize findings into high-quality alerts.
• Research new attack techniques to uncover innovative detection capabilities
• Develop, test, and tune detection logic in MS Sentinel, Devender XDR and Vectra.
• Map detections to MITRE ATT&CK and maintain coverage dashboards.

What is needed in this role:

As a Detection Engineer, you are the bridge between intelligence, hunting and incident response, transforming threat insights into robust, automated detections that keep us ahead of our adversaries.

You are passionate about what you do you and are a strong team player.

Here are the required qualifications:

• 3+ years in a technical role in the areas of Security Operations, Detection Engineering, Incident Response or Penetration Testing/Red Team.
• Experience analyzing attacker techniques including cloud-service tactics.
• Good understanding of enterprise networking environments.
• Excellent verbal and written communication skills in English
• Bachelors degree in Computer Science, Information Security, or related field – or equivalent professional experience.

Preferred qualifications:

• Good knowledge of Common frameworks such as Mitre Att&ck
• Hands-on experience with Microsoft Sentinel and KQL (Kusto Query Language).
• Knowledge of Microsoft Defender product suite and threat signal analysis.
• Familiarity with NDR tools like Vectra or similar.
• Solid understanding of attacker TTPs and detection engineering best practices.
• Ability to work with CTI, threat hunting, and IR teams to close detection gaps.
• Analytical mindset, detail-oriented, and proactive problem solver.
• Operational security, including security operations center (SOC), incident response, malware analysis or IDS and IPS analysis.

With us, you can experience:

• Personal and professional growth through self-leadership and continuous development.
• Meaningful work that positively impacts our workplace, our customers, and society.
• An open and collaborative culture that encourages cross-functional teamwork and provides networking opportunities.
• A supportive and inclusive environment that promotes a balanced and sustainable work-life, with flexible working conditions when suitable for the role.
• Benefits such as our share based reward program Eken, company pension plan, employee offer for banking products, health insurance.

"Join our team and...

Work as a detection engineer. You will be a bridge between teams working with incident response, threat intelligence, threat hunting and log management" Robert Jonsson, your future manager

We look forward to receiving your application by 12.09.2025. 

Location: Stockholm, Tallinn, Riga

Recruiting manager: Robert Jonsson

If you are employed in Estonia, please note that the salary offered for this position ranges from 4150-6250 €gross i.e. before taxes. Read more here. 

If you are to be employed in Latvia, please note that the salary offered for this position ranges from 3950-5950 € gross i.e. before taxes. Read more here. 

We may begin the selection during the application period, so we welcome your application as soon as possible.

We have made our choice regarding recruitment media and therefore kindly decline contact with ad sellers or sellers of other recruitment services.

Swedbank does not discriminate anybody based on gender, age, sexual orientation or sexual identity, ethnicity, religion or disability – everybody is welcome.

#LI-Hybrid

#LI-MA1