Role: Cybersecurity Analyst – Attack Surface Reduction (ASR)
Seniority Level: Intermediate
Location: Stockholm, Sweden
Remote Work: 50%
Assignment Period: 1 August 2025 – 31 January 2026
Assignment Description
We are looking for a Cybersecurity Analyst with a focus on Attack Surface Reduction (ASR) to support ongoing efforts in reducing organizational exposure to cyber threats. This position is suitable for candidates with foundational to mid-level experience in cybersecurity and a passion for proactive risk management across hybrid IT environments.
Key Responsibilities
Conduct vulnerability scanning across cloud, on-premise, and containerized environments
Support attack path analysis and recommend prioritization strategies for remediation
Assist in internal and external penetration testing activities
Deploy, configure, and maintain tools such as Qualys, Prisma Cloud, and Nessus
Participate in remediation campaigns by tracking progress and coordinating with stakeholders
Create detailed documentation and technical reports to communicate findings
Collaborate with DevOps and engineering teams to embed security into CI/CD pipelines
Assist in container security, cloud security assessments, and digital shadow monitoring
Contribute to automation initiatives for vulnerability management and patching
Support the implementation of security controls in software development and deployment
Qualifications
Experience:
2–4+ years in cybersecurity, offensive security, or IT-related roles
Technical Skills:
Solid knowledge of vulnerability management, penetration testing, and attack surface monitoring
Familiarity with CI/CD pipelines and DevSecOps concepts
Foundational understanding of container security (e.g., Docker, Kubernetes) and cloud platforms (e.g., AWS, Azure, GCP)
Knowledge of data protection, encryption, and compliance standards (e.g., GDPR, CCPA)
Certifications (Required):
Certificate of Cloud Security Knowledge (CCSK)
Microsoft Certified Azure Fundamentals (AZ-900)
Any of the following: OSCP, CompTIA Security+, CEH, GPEN, or equivalent
Key Competencies
Technical Proficiency: Comfort with scanning tools and eagerness to learn new technologies
Analytical Thinking: Ability to interpret vulnerability data and prioritize risks
Communication: Clear technical documentation and effective stakeholder engagement
Collaboration: Strong team player supporting integrated security practices
Continuous Learning: Actively seeking development in cloud and container security
Problem-Solving: Takes initiative and offers creative, practical solutions
Professionalism: Maintains ethical standards and delivers reliable results
If you're passionate about security, continuous improvement, and working across dynamic cloud and hybrid environments—this is an excellent opportunity to grow and contribute in a meaningful way.