Assignment Description:
We are looking for a Senior IT Security & Risk Officer to join our dynamic team.
What you will work on:
- Conduct advanced penetration tests on web applications, networks, APIs, cloud environments, and infrastructure
- Identify, exploit, and document security vulnerabilities, providing clear remediation guidance
- Design and execute sophisticated attack simulations using both manual techniques and automated tools
- Lead penetration testing projects end-to-end, from scoping to reporting and follow-up actions
- Collaborate with cross-functional teams to strengthen security controls, processes, and policies
- Mentor and supervise junior penetration testers, fostering skills development and a culture of continuous learning
- Stay current with emerging threats, vulnerabilities, tools, and industry best practices
- Prepare technical reports and present findings to both technical stakeholders and business leaders
What you bring:
- Bachelor’s degree in Computer Science, Information Security, or equivalent experience
- Minimum 5 years of hands-on experience in penetration testing or ethical hacking
- Strong expertise with penetration testing methodologies and tools (e.g., Burp Suite, Metasploit, Nmap, Wireshark)
- Proven experience testing across multiple domains: web applications, APIs, network infrastructure, and cloud services (AWS, Azure, GCP)
- Proficiency in scripting/programming languages such as Python, Bash, PowerShell, or similar
- Relevant certifications (e.g., OSCP, OSCE, CEH, CISSP, GIAC) are highly desirable
- Knowledge of threat modeling, risk assessment frameworks, and regulatory requirements (PCI-DSS, HIPAA, GDPR)
- Familiarity with DevSecOps practices and secure SDLC methodologies
- Excellent analytical and problem-solving abilities with attention to detail
- Strong communication skills, able to convey complex security issues to both technical and non-technical audiences
If this sounds interesting, please send your CV to cv@veritaz.se
