Vulnerability Management Analyst

We are in the middle of an exciting transformation During the coming year, we are evolving our current vulnerability management services with new technologies and capabilities – including External Attack Surface Management (EASM) and Continuous Threat Exposure Management (CTEM). We're now looking for someone who wants to join this journey and combine technical analysis with hands-on advisory work for our customers.

As a Vulnerability Management Analyst in our Vulnerability Operations Center, you will play a key role across both our existing and new services. You'll work closely with our customers to identify, analyze, and prioritize technical risks – providing both deep technical insights and practical guidance to reduce their exposure.

Your responsibilities

This role combines delivery in our established risk-based vulnerability management service with the development and future rollout of EASM and CTEM services.

You will:

• Perform vulnerability scanning and analysis of customer IT infrastructure and web applications.
• Identify, interpret, and contextualize technical vulnerabilities and exposure points.
• Use market leading tools to map out attack paths through vulnerabilities, weak identities, and cloud misconfigurations.
• Help customers understand and prioritize remediations, and act as a trusted advisor in their risk reduction efforts.
• Create clear documentation, reports, and decision support material for both technical and business stakeholders.
• Work with both customers and vendors to secure a stable service delivery.
• Contribute to the continuous improvement and automation of our service delivery.
• Support onboarding of new customers and assist with the launch of our new services later this year.

Your profile

We believe you:

• Have 2–5 years of experience within either cloud security, cybersecurity, or technical risk analysis. We are primarily looking for someone with a strong foundation in cloud and identity security. Vulnerability scanning experience is a plus but not a requirement.
• Have experience with cloud security tools, attack path analysis or scanning tools
• Understand cloud security fundamentals (Azure, AWS, GCP) and how misconfigurations and identity issues can be exploited.
• Have good knowledge of attack techniques and threat actor behavior. How vulnerabilities and misconfigurations can be exploited to breach an IT environment.
• Are confident in documenting and communicating your analysis in reports or customer meetings.
• Have a solid understanding of networking, operating systems (Windows/Linux), scripting (Python, Bash), and patch management.
• Team spirited mindset
• Understanding of ISO 27001

Location & eligibility requirements

• This position is on-site or hybrid from either Malmö or Stockholm.

Why join us?

• Work with market-leading tools and technologies, alongside some of the industry's brightest minds.
• Be part of our global Vulnerability Operations Center, where knowledge sharing and personal growth are core values.

• Contribute to building next-generation cybersecurity services from the ground up.

• A challenger culture that encourages you to be self-driven and curious and enables you to make change.

About Orange Cyberdefense

Orange Cyberdefense is Sweden's leading cybersecurity company. Our vision is to contribute to a safer digital society by actively defending against cyber threats. We are 3,000 employees globally, with 400 based in Sweden. Our services span the full cybersecurity lifecycle – from Anticipate to Respond.

At Orange Cyberdefense, we are all different but with the same passion; and that is our greatest strength. We are proud of our individual differences, experiences and histories and are convinced that we must include everyone to offer solutions that protect everyone. That is why we always make sure to treat all applications equally.

CDI

Eligible au télétravail