Cyber Security Analyst

We are hiring Cybersecurity Analyst

Assignment Details:

• Role: Cybersecurity Analyst (Attack Surface Reduction Analyst)
• Location: Stockholm (Remote 50%)
• Assignment Period: 01 Aug 2025 – 31 Jan 2026
• Seniority Level: Intermediate
• Language: English (Proficient)

Role Purpose:

The ASR Analyst will support attack surface reduction (ASR) efforts by conducting vulnerability scanning, attack path analysis, and penetration testing, while collaborating with cross-functional teams to ensure alignment with DevSecOps principles and security best practices.

Key Responsibilities:

• Perform vulnerability scanning across cloud, on-prem, and containerized environments (Qualys, Prisma Cloud, Tenable).
• Assist in attack path analysis and penetration testing under senior analyst guidance.
• Deploy and manage security tools to enhance the organization's security posture.
• Participate in remediation campaigns and track vulnerability resolution progress.
• Document findings, prepare detailed technical reports, and communicate insights to stakeholders.
• Support cloud security assessments, container security reviews, and digital shadow monitoring.
• Contribute to CI/CD pipeline security and automation initiatives for vulnerability management.

Required Experience & Skills:

• 2–4+ years of experience in cybersecurity, offensive security, or IT security.
• Tools & Frameworks: Qualys, Prisma Cloud, Nessus, Metasploit, Burp Suite.
• Cloud Fundamentals: Microsoft AZ-900 or AWS Cloud Practitioner.
• Penetration Testing & Vulnerability Management experience.
• Foundational knowledge of DevSecOps, CI/CD, cloud security, and container security (Docker, Kubernetes).
• Required Certification: Certificate of Cloud Security Knowledge (CCSK).
• Languages: English (Proficient).
• Strong analytical thinking, attention to detail, and technical proficiency.
• Good communication and collaboration skills with cross-functional teams.
• Proactive attitude with a focus on continuous improvement and security best practices.

Nice-to-Have Certifications:

• Azure Security Engineer (AZ-500)
• AWS Security Specialist
• Certified Kubernetes Security Specialist (CKS)
• CEH, OSCP, GPEN