About the role
The role of the Group Offensive Security Analyst is a newly established position, with a broad responsibility to test information security across the group. The Group Offensive Security Analyst reports to the Chief Information Security Officer.

As a key member of our information security team, you will proactively identify vulnerabilities in systems, networks, and applications by simulating real-world cyberattacks. Your work will include conducting penetration tests, evaluating security controls, and performing in-depth vulnerability assessments to uncover risks and misconfigurations across the organization’s infrastructure.

You will lead and participate in red team exercises, simulating sophisticated attacks to evaluate the organization’s ability to detect, respond to, and recover from threats. Your findings will be documented in detailed reports with actionable remediation steps, which you’ll present to the CISO to guide security priorities.

Collaboration is essential — you will work closely with many different teams, such as system administrators, developers and various stakeholders to ensure swift remediation of vulnerabilities, helping build a stronger, more resilient security environment for the organization.

Some travel will be required for this role.

About you
We are looking for a highly skilled and motivated professional with the ability to deliver results within agreed timelines while maintaining a quality-oriented approach. You possess strong documentation and presentation skills, along with technical expertise in computer systems, including a solid understanding of Active Directory, Azure, and Windows operating systems. High integrity is essential, as is the ability to evaluate risks and make informed decisions.

The ideal candidate has a university degree in computer science or a related field, with more than three years of experience in information security roles. Detailed knowledge of ISO 27 001 standards and relevant certifications, such as OSCP or CISSP, are qualifying skills. Familiarity with Stratsys is an advantage.

We value team players who are self-motivated with a positive attitude.

About us
The CISO Office is a unit within Corporate Governance at Stena AB. The CISO Office manages the information security strategy, governance and management for the group, utilizing an Information Security Management System (ISMS), built on ISO 27 001. Corporate Governance is a function that focuses on continuous development and improvement within primarily information security, regulatory compliance and financial reporting processes. The work is risk based and the function also covers enterprise risk management, governing documents like the Code of Conduct and Code of Governance, brand protection, investigations and more.

The Stena AB Group is one of the largest family-owned group of companies in Sweden. Within Stena there is a true entrepreneurial spirit with customer focus in a wide range of sectors around the world. Stena creates sustainable value today and in the future through care and respect for people, capital, society and the surrounding environment. Working at Stena means having fun and a great opportunity to constantly learn. Welcome to visit our website, www.stena.com, where you can read more about us and our business.

Contacts
About the position: Magnus Carling, CISO, magnus.carling@stena.com
About the recruitment process: Sofia Bergquist, HR Business Partner, sofia.bergquist@stena.com

Submit your application now – interviews are conducted on an ongoing basis, and the position may be filled before the application deadline 30 March 2025.

We look forward to hearing from you.