Cybersecurity Analyst – Attack Surface Reduction (ASR)
Workplace: Sverige
Expires: August 15, 2025
A mid-level cybersecurity analyst role focused on reducing organizational attack surface and exposure to cyber threats across cloud, on-premise, and containerized environments. This role involves vulnerability scanning, attack path analysis, penetration testing support, tool deployment and configuration, remediation coordination, documentation, and collaboration with DevOps teams to integrate security in CI/CD pipelines. The position is hybrid with 50% remote work, based in Stockholm, Sweden, for a fixed period from August 1, 2025 to January 31, 2026.
Main requirements:
- 2–4+ years experience in cybersecurity, offensive security, or IT-related roles
- Experience with vulnerability management and penetration testing
- Familiarity with CI/CD pipelines and DevSecOps concepts
- Foundational knowledge of container security (Docker, Kubernetes) and cloud platforms (AWS, Azure, GCP)
- Knowledge of data protection, encryption, and compliance standards (GDPR, CCPA)
- Certification: Certificate of Cloud Security Knowledge (CCSK)
- Certification: Microsoft Certified Azure Fundamentals (AZ-900)
- Certification: OSCP, CompTIA Security+, CEH, GPEN, or equivalent
Responsibilities:
- Conduct vulnerability scanning across cloud, on-premise, and containerized environments
- Support attack path analysis and recommend remediation prioritization
- Assist in internal and external penetration testing activities
- Deploy, configure, and maintain tools such as Qualys, Prisma Cloud, and Nessus
- Participate in remediation campaigns by tracking progress and coordinating with stakeholders
- Create detailed documentation and technical reports to communicate findings
- Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines
- Assist in container security, cloud security assessments, and digital shadow monitoring
- Contribute to automation initiatives for vulnerability management and patching
- Support implementation of security controls in software development and deployment
Required hard skills:
- Vulnerability management
- Penetration testing support
- Attack surface monitoring
- Familiarity with CI/CD and DevSecOps
- Container security basics (Docker, Kubernetes)
- Cloud security basics (AWS, Azure, GCP)
- Data protection and compliance knowledge (GDPR, CCPA)
- Use of security tools: Qualys, Prisma Cloud, Nessus
Recommended hard skills:
- Advanced certifications such as AZ-500, AWS Security Specialist, Certified Kubernetes Security Specialist (CKS)
Soft skills:
- Technical proficiency and eagerness to learn new technologies
- Analytical thinking to interpret vulnerability data and prioritize risks
- Clear written and verbal communication skills
- Collaboration and team orientation
- Continuous learning mindset
- Initiative and creative problem solving
- Professionalism and ethical standards
Frameworks:
- DevSecOps
Natural languages:
- English (Proficient)
Cultural skills:
- Continuous improvement mindset
- Cross-functional teamwork
- Ethical professionalism
Apply for this job
You might also like:
- Cybersecurity Specialist with Supervision Assignment
- Infrastructure Technician – Windows, VMware & Cisco
- Service-Oriented IT Support Specialist
- Senior Network Engineer
- Senior Systems Engineer
- IT Technician
- Field Technician within IT
- Information Architect
- Senior Fullstack Developer
- IT Configuration Management Consultant