Vacant job

Platform Engineer Network, Identity & Security – Stockholm

Build secure and stable infrastructure for Keolis' network and identity platform!

Keolis is responsible for public transport that moves thousands of people every day. We are now strengthening our Digital Infrastructure team and looking for a Platform Engineer in Network, Identity & Security who wants to take technical ownership in a business-critical environment and grow towards a broader security profile.

About the role

As a Platform Engineer for Network, Identity & Security, you work closely with the CISO and act as her extended arm in operational work. You are responsible for configuring and managing our network infrastructure and identity platform in a hybrid environment with both on-premises and cloud components. You also work closely with the solution architect, the delivery lead for Datacenter & Cloud, and other roles, contributing to solution design and technology choices, establishing and maintaining best practices, and creating automation solutions that make everyone's day-to-day life smoother.

Networks are not just located at the headquarters; Keolis has depots across Sweden with their own networks. However, you do not need to travel there yourself, as we have on-site technicians who perform the physical work on location. You own the technical responsibility and are the one setting the standards.

During the first year, the main focus is on cleaning up and strengthening the identity platform, while simultaneously helping the CISO establish better control and governance. This is a role for you who wants to deepen your expertise in security and identity, and who thrives working in a structured manner with good documentation as a guiding star.

Your responsibilities

• Design, configure, and manage network infrastructure (LAN, WAN, WiFi, SD-WAN, VPN, and site networks)
• Administer and develop identity platforms (Entra ID, AD DS/ADFS) as well as processes for user, role, and permission lifecycle management
• Implement network segmentation, Zero Trust principles, and secure traffic management
• Work with MFA, Conditional Access, and least privilege principles
• Implement security controls and security-by-design in networks and identity
• Support the CISO and SOC with technical information and actions during security incidents
• Create automation solutions for configuration, operations, and security (e.g., IaC and scripting)
• Participate in risk analyses, security audits, and security incident management

We are looking for someone who

• Has post-secondary education in IT, at least YH level (University College level)
• Has at least 3 years of experience in networking or 2–3 years of experience in identity and IAM – the security aspect can be learned on the job
• Has experience with hybrid environments involving on-premises and cloud
• Is structured and values good documentation
• Communicates fluently in Swedish and English, both verbally and in writing

It is an advantage if you have experience with firewall configuration (e.g., Zscaler, Fortinet, Azure Firewall, or similar solutions), Azure, Active Directory, conducted risk analyses, or managed security incidents.

Who are you?

You are curious, social, and unpretentious but structured. You thrive in clarity and order, and you are the one who naturally sets standards and best practices for others to follow. You readily offer suggestions and feedback without waiting to be asked, and you see it as an opportunity to grow into a new area.

Why Keolis?

Here you will join a team with a flat hierarchy, a family-like culture, and ample room to influence. We are in an exciting phase where we are stabilizing and modernizing our infrastructure while looking forward to a new tech strategy. There is much to change and great opportunities to take responsibility and leave your mark. For the right person, there is a clear path to deepen expertise in security and build broad competence in a business-critical area.

Location

The role is based at our headquarters on Kungsholmen in Stockholm. We work in a hybrid model and expect you to be on-site three days a week.

Application

You apply by sending your CV. A cover letter is not required. We use work psychological tests in the selection process. The position may be filled before the application deadline ends. Please note that the position is subject to a background check, which will be conducted in the final stage of the recruitment process after your approval.