About this Application & AI Cyber Security Engineer role at EQT Group
EQT is looking for an Application & AI Cyber Security Engineer to join our Cyber Security Engineering team, owning the security posture of our hosted applications, container platforms, and AI environments. This is a hands-on engineering role where you will build automated guardrails and real-time visibility — making the secure path the easy path across a modern, globally distributed technology landscape.
About the Team
The Cyber Security Engineering team defines and validates security standards across EQT's technology landscape. Operating as a trusted security function, the team works closely with platform engineering, cloud infrastructure, identity, and technology assurance teams to strengthen controls while enabling innovation.
This role sits within a small, high-trust team where collaboration, curiosity, and technical depth are core to how we work. The team supports both traditional application environments and emerging AI and agentic platforms, helping EQT navigate a rapidly evolving threat landscape with practical, engineering-led security standards. You will report to the Head of Digital Employee Experience and partner closely with the CISO function, contributing engineering depth directly to governance and policy decisions.
About the Role
This role brings together application security, container security, and AI security into one evolving discipline — giving you the scope to influence standards, technical controls, and governance frameworks across a global technology environment. The mandate is to build automated guardrails and observability at scale, not to review individual applications by hand.
- Design and deploy automated controls for container platforms and application deployments — admission controllers, policy-as-code, and pre-configured scanning — that enforce standards at the point of deployment rather than after the fact.
- A growing part of the job is enabling citizen development — making sure non-technical teams can use AI coding tools like Claude Code and CoWork without needing to come through security first, because the guardrails are already there.
- Curate internal security tooling, automation, and AI skills for cost, reliability, and security posture — favouring deterministic, scripted components that run fast and cheap over token-intensive approaches, and tracking cost-per-outcome across security controls as a core operating discipline.
- Own container security standards as enforceable controls: image scanning policy, runtime baselines, and registry governance across all deployment paths, including workloads outside formal pipelines.
- Manage software supply chain risk end-to-end, including dependency scanning, build-time and runtime composition analysis, and identifying high-propagation risk junctions.
- Build application security observability that goes beyond static inventories — a live picture of what is deployed, what it is composed of, and where risk is concentrated — and provide actionable dashboards for engineering leadership and the CISO function.
- Own the security configuration of EQT's AI platforms, including hardening, access controls, data flow governance, and defences against prompt injection and data exfiltration.
- Assess MCP connector risk — API call patterns, data processing terms, allowlist maintenance, and dependency chains — and evaluate new AI tools with enough technical depth to inform CISO-level approval decisions.
- Define behavioural baselines for agentic execution environments and close AI-specific insider threat gaps, ensuring monitoring tools can see into AI data flows.
- Collaborate with Detection & Insider Threat Engineers on container runtime telemetry, and with Identity & Cloud Security Engineers on service identity, workload access, and secrets management.
Tools You'll Work With
Kubernetes, CI/CD platforms, SBOM tooling, Aikido, Claude Enterprise, Claude Code, MCP, CoWork, DTEX, Datadog, policy-as-code frameworks.
About You
You are a technically grounded security engineer who cares deeply about developer experience and approaches security friction as a design problem to solve, not a trade-off to accept. You work with clarity and ownership, communicate technical findings to senior stakeholders with confidence, and are actively building your knowledge of AI and agentic security.
What you'll bring (must-have):
- Proven hands-on experience with container security — Kubernetes, image scanning, admission control, runtime protection, and policy-as-code.
- A track record of building automated security controls that scale, with an instinct for making the right path easy and the wrong path hard rather than relying on manual review.
- Solid application security fundamentals, including familiarity with OWASP Top 10, secure development lifecycle, and software supply chain risk, with an orientation toward enforcement over assessment.
- Experience building security visibility into running systems through instrumentation, runtime analysis, or operational dashboards — understanding the difference between knowing what was shipped and knowing what is actually executing in production.
- Active use of AI-assisted development tools in your own engineering work (such as Claude Code, GitHub Copilot, or equivalent); this role is designed around that way of working.
- Early or growing experience in AI and LLM security — including prompt injection, data exfiltration, model API security, or agentic system controls — and a clear appetite to develop expertise in this space.
- The ability to communicate complex technical findings clearly and concisely to senior stakeholders who will translate them into policy and governance decisions.
Nice to have:
- Familiarity with tools such as CrowdStrike, Aikido, Bold Security, Nightfall, Zscaler, or Lakera Guard.
- Experience with MCP (Model Context Protocol), agentic frameworks, or AI platform administration.
- Background working in private equity, financial services, or other environments where non-public information is a primary asset requiring protection.
- Experience measuring and optimising the operational cost of security controls.
- Comfort deploying and working with local open-source LLMs for automation use cases.
How We Think About This Role
Application security and AI security share a common threat model — data exfiltration, supply chain compromise, and the boundary between trusted and untrusted code. AI connectors that interact with hosted services sit squarely in both domains. Splitting them into separate roles at a five-person team would create seams in exactly the places attackers exploit. The role is also shaped by a bet on AI-augmented engineering. An engineer with good tooling, a real token budget, and the discipline to automate before they assess can cover ground that would have required a larger team not long ago. We've designed the headcount around that — not to cut corners, but because the best security engineering now looks like one person building excellent guardrails with AI, not several people reviewing things by hand.
What We Offer
At EQT, you will work in an environment that combines high impact with high trust, contributing to security challenges that matter at a global scale. You will help shape practices in areas that are rapidly evolving across the industry — AI security, software supply chain security, and modern application platforms — with direct influence on governance decisions and engineering standards.
We offer meaningful and complex work with global reach, close collaboration with experienced colleagues across security, engineering, and technology, and genuine exposure to emerging AI technologies and cloud-native platforms. EQT has a culture that values curiosity, ownership, and continuous learning, with real opportunities for professional development in a fast-moving environment.
Compensation & Benefits Notice
We offer a competitive total rewards package including base salary, determined based on the role, experience, skill set, and location. Eligible employees may also receive discretionary incentive compensation, awarded in recognition of individual performance and company results. EQT provides a comprehensive benefits offering designed to support employee wellbeing, development, and work-life balance. Benefits include paid time off, parental leave, wellbeing and wellness support, flexible working arrangements, and learning and development opportunities. Benefits are effective from the first day of employment and may vary by location and role.
Inclusion at EQT
Our vision for EQT employees is to build high performing & engaged teams. Our competitive edge comes from fostering an environment where every individual feels valued, empowered, and motivated to drive business impact. Our commitment to inclusion is not just about fairness; We understand and believe that being a great place to work drives the best performance.At EQT, inclusion is a business imperative and it's embedded into our talent strategy, decision-making, and culture to ensure that every individual and team operates at their full potential. By doing so, we unlock better collaboration, stronger innovation, and superior investment outcomes.
About EQT
EQT is a purpose-driven global investment organization focused on active ownership strategies. With a Nordic heritage and a global mindset, EQT has a track record of over three decades of developing companies across multiple geographies, sectors and strategies. EQT has investment strategies covering all phases of a business’ development, from start-up to maturity. EQT has EUR 270 billion in total assets under management (EUR 141 billion in fee-generating assets under management), within two business segments – Private Capital and Real Assets.
With its roots in the Wallenberg family’s entrepreneurial mindset and philosophy of long-term ownership, EQT is guided by a set of strong values and a distinct corporate culture. EQT manages and advises funds and vehicles that invest across the world with the mission to future-proof companies, generate attractive returns and make a positive impact with everything EQT does. EQT has offices in more than 25 countries across Europe, Asia and the Americas and has more than 1,900 employees.
More info: www.eqtgroup.com
Follow EQT on LinkedIn, X, YouTube and Instagram