IT Security Analyst

Vaimo: Digital Experience Agency

Vaimo is a full-service digital experience agency dedicated to helping brands and businesses grow. We unite commerce, content, data, and insights to create seamless, engaging, and beautifully designed customer experiences.

With over 16 years of experience and offices across the Nordics, EMEA, and North America, we combine strategy, design, and technology to create digital experiences that drive measurable results. Our teams work across B2C, B2B, and D2C, redefining global lifestyle brands and transforming complex enterprise ecosystems.

The Opportunity: Experienced IT Security Analyst

We are seeking an experienced and hands-on IT Security Analyst with strong technical expertise, analytical thinking, and problem-solving skills. You will collaborate closely with our Applications and Development teams to ensure all software projects adhere to best security practices from design through release.

As part of the Security Department, your mission is to protect our systems, applications, and development processes by reviewing code, auditing security baselines, defining and improving internal processes, and supporting teams in building secure solutions.

Key Responsibilities: Security Audits & Code Review

• Conduct internal security audits of applications and infrastructure, following existing processes and developing new ones (including audits for AI-related projects).
• Review project code, architecture, and infrastructure to identify vulnerabilities and enforce secure development standards.
• Support developers by providing recommendations, guidance, and security best practices.
• Develop tools and scripts to help delivery teams enforce and monitor compliance with security policies.
• Coordinate and manage penetration testing, including third-party pentests when required.
• Monitor the overall security posture of systems and applications, ensuring continuous compliance with internal standards.
• Perform root cause analyses and help teams mitigate incidents or vulnerabilities.
• Develop and deliver security awareness training and documentation for internal teams.
• Act as a security evangelist, promoting a culture of security across teams.
• Be an ethical hacker: test responsibly, identify weaknesses, and use this access wisely.

Skills & Requirements

• Minimum 5 years of experience in software or web application development and/or security.
• Strong understanding of web application security and the cyber-attack chain.
• Solid experience with code review and troubleshooting complex issues.
• Exposure to penetration testing tools and techniques.
• Familiarity with publicly and privately disclosed vulnerabilities and ability to assess potential impact.
• Understanding of secure development practices (design, coding, testing, documentation).
• Experience developing internal security tools or automation scripts.
• Knowledge of PHP or other web programming languages is an advantage.
• Fluent in English, both written and spoken.