Attack Surface Management Specialist

Are you passionate about cybersecurity and eager to protect organizations from potential threats? We are seeking a skilled Attack Surface Management Specialist to join our dynamic team. As an Attack Surface Management Specialist, you will play a crucial role in identifying and prioritizing vulnerabilities within our systems and infrastructure. If you possess strong analytical skills, a deep understanding of attack surface management methodologies, and a drive for securing critical assets, we invite you to apply for this exciting opportunity.


At Enterprise IT Security (EITS), we are on a mission to secure the IT journey for the Volvo Group. We work closely together with stakeholders across several Business Areas (BAs), Truck Divisions (TDs), and Group Functions (GFs). While the BAs drive the business, the TDs provide research, development, purchasing, manufacturing, and assembly. Within Volvo Group, the GFs own the Group agenda, provide strategic direction, and have global responsibility in group-wide functions such as IT, legal, compliance, and security.


This function/role resides in the Active Cyber Defense division which is a part of EITS and responsible for proactive measures to enhance preparedness against cyber threats. You will report to the Head of Attack Surface Management in this role.


Role Description
In this role, you will:
Conduct comprehensive assessments of our organization's attack surface, including network infrastructure, applications, systems, and databases.
Utilize cutting-edge attack surface management tools and -techniques to identify potential vulnerabilities and threats.
Collaborate with cross-functional teams to develop and implement effective strategies for reducing the attack surface and minimizing security risks.
Perform regular security audits and vulnerability assessments to identify and prioritize potential risks and vulnerabilities.
Monitor emerging threats and stay up-to-date with the latest attack techniques and defense mechanisms.
Provide recommendations and actionable insights to enhance the overall security posture of the organization.
Document and report findings to management and stakeholders, offering clear recommendations for risk mitigation.



Critical Competencies:
Proven experience in attack surface management, vulnerability assessment, or penetration testing.
Deep understanding of attack surface management methodologies, tools, and frameworks.
Proficient in using attack surface management tools such as vulnerability scanners, network mapping tools, and asset discovery solutions.
Strong knowledge of common security vulnerabilities and attack vectors.
Familiarity with industry standards and frameworks such as OWASP, NIST, and CIS benchmarks.
Excellent analytical and problem-solving skills, with the ability to think critically and identify potential risks and vulnerabilities.
Effective communication skills to clearly convey complex technical concepts to both technical and non-technical stakeholders.
Willingness to learn, know and understand Volvo Group security policies, directives and requirements.



Minimum Education and Experience:
Bachelor’s or Master’s degree in Information Technology, Information Systems, Engineering, a related field or equivalent work experience.
Minimum of 3 years of experience in attack surface reduction.
Experience in tech, security or automotive industry is highly regarded.
Subject matter expertise in vulnerability management and external attack surface management.
Affinity to find solutions for cyber threat countermeasures.
Domain-specific certifications (e.g., GCTI, CTIA, CTIP) would be an advantage.

Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.