Arbetsbeskrivning

Role: Cybersecurity Analyst – Attack Surface Reduction (ASR)

Seniority Level: Intermediate

Location: Stockholm, Sweden

Remote Work: 50%

Assignment Period: 1 August 2025 – 31 January 2026

Assignment Description

We are looking for a Cybersecurity Analyst with a focus on Attack Surface Reduction (ASR) to support ongoing efforts in reducing organizational exposure to cyber threats. This position is suitable for candidates with foundational to mid-level experience in cybersecurity and a passion for proactive risk management across hybrid IT environments.

Key Responsibilities

• Conduct vulnerability scanning across cloud, on-premise, and containerized environments
• 
  
• Support attack path analysis and recommend prioritization strategies for remediation
• 
  
• Assist in internal and external penetration testing activities
• 
  
• Deploy, configure, and maintain tools such as Qualys, Prisma Cloud, and Nessus
• 
  
• Participate in remediation campaigns by tracking progress and coordinating with stakeholders
• 
  
• Create detailed documentation and technical reports to communicate findings
• 
  
• Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines
• 
  
• Assist in container security, cloud security assessments, and digital shadow monitoring
• 
  
• Contribute to automation initiatives for vulnerability management and patching
• 
  
• Support the implementation of security controls in software development and deployment

Qualifications

Experience:

• 2–4+ years in cybersecurity, offensive security, or IT-related roles

Technical Skills:

• Solid knowledge of vulnerability management, penetration testing, and attack surface monitoring
• 
  
• Familiarity with CI/CD pipelines and DevSecOps concepts
• 
  
• Foundational understanding of container security (e.g., Docker, Kubernetes) and cloud platforms (e.g., AWS, Azure, GCP)
• 
  
• Knowledge of data protection, encryption, and compliance standards (e.g., GDPR, CCPA)

Certifications (Required):

• Certificate of Cloud Security Knowledge (CCSK)
• 
  
• Microsoft Certified Azure Fundamentals (AZ-900)
• 
  
• Any of the following: OSCP, CompTIA Security+, CEH, GPEN, or equivalent

Preferred Certifications (Optional):

• AZ-500, AWS Security Specialist, Certified Kubernetes Security Specialist (CKS)

Key Competencies

• Technical Proficiency: Comfort with scanning tools and eagerness to learn new technologies
• 
  
• Analytical Thinking: Ability to interpret vulnerability data and prioritize risks
• 
  
• Communication: Clear technical documentation and effective stakeholder engagement
• 
  
• Collaboration: Strong team player supporting integrated security practices
• 
  
• Continuous Learning: Actively seeking development in cloud and container security
• 
  
• Problem-Solving: Takes initiative and offers creative, practical solutions
• 
  
• Professionalism: Maintains ethical standards and delivers reliable results

If you're passionate about security, continuous improvement, and working across dynamic cloud and hybrid environments—this is an excellent opportunity to grow and contribute in a meaningful way.