This post is also available in: Svenska (Swedish)

Assignment Description:

We are looking for a Senior IT Security & Risk Officer to join our dynamic team.

What you will work on:

• Conduct advanced penetration tests on web applications, networks, APIs, cloud environments, and infrastructure
• Identify, exploit, and document security vulnerabilities, providing clear remediation guidance
• Design and execute sophisticated attack simulations using both manual techniques and automated tools
• Lead penetration testing projects end-to-end, from scoping to reporting and follow-up actions
• Collaborate with cross-functional teams to strengthen security controls, processes, and policies
• Mentor and supervise junior penetration testers, fostering skills development and a culture of continuous learning
• Stay current with emerging threats, vulnerabilities, tools, and industry best practices
• Prepare technical reports and present findings to both technical stakeholders and business leaders

What you bring:

• Bachelor’s degree in Computer Science, Information Security, or equivalent experience
• Minimum 5 years of hands-on experience in penetration testing or ethical hacking
• Strong expertise with penetration testing methodologies and tools (e.g., Burp Suite, Metasploit, Nmap, Wireshark)
• Proven experience testing across multiple domains: web applications, APIs, network infrastructure, and cloud services (AWS, Azure, GCP)
• Proficiency in scripting/programming languages such as Python, Bash, PowerShell, or similar
• Relevant certifications (e.g., OSCP, OSCE, CEH, CISSP, GIAC) are highly desirable
• Knowledge of threat modeling, risk assessment frameworks, and regulatory requirements (PCI-DSS, HIPAA, GDPR)
• Familiarity with DevSecOps practices and secure SDLC methodologies
• Excellent analytical and problem-solving abilities with attention to detail
• Strong communication skills, able to convey complex security issues to both technical and non-technical audiences

If this sounds interesting, please send your CV to cv@veritaz.se