IT Security Analyst

Vaimo is a full-service digital experience agency that helps brands and businesses grow by uniting commerce, content, data, and insights into seamless, engaging, and beautifully designed customer experiences.

With 16+ years of experience and offices across the Nordics, EMEA, and North America, we combine strategy, design, and technology to create digital experiences that drive measurable results. Our teams work across B2C, B2B, and D2C — from redefining global lifestyle brands to transforming complex enterprise ecosystems.

We are looking for an experienced and hands-on IT Security Analyst with strong technical expertise, analytical thinking, and problem-solving skills. You will work closely with our Applications and Development teams to ensure that all software projects follow best security practices from design to release.

As part of the Security Department, your mission is to protect our systems, applications, and development processes — by reviewing code, auditing security baselines, defining and improving internal processes, and supporting teams in building secure solutions.

• Conduct internal security audits of applications and infrastructure — following existing processes and developing new ones (including audits for AI-related projects).
• Review project code, architecture, and infrastructure to identify vulnerabilities and enforce secure development standards.
• Support developers by providing recommendations, guidance, and security best practices.
• Develop tools and scripts to help delivery teams enforce and monitor compliance with security policies.
• Coordinate and manage penetration testing, including third-party pentests when required.
• Monitor the overall security posture of systems and applications, ensuring continuous compliance with internal standards.
• Perform root cause analyses and help teams mitigate incidents or vulnerabilities.
• Develop and deliver security awareness training and documentation for internal teams.
• Act as a security evangelist, promoting a culture of security across teams.
• Be an ethical hacker — test responsibly, identify weaknesses, and use this access wisely.

• Minimum 5 years of experience in software or web application development and/or security.
• Strong understanding of web application security and the cyber-attack chain.
• Solid experience with code review and troubleshooting complex issues.
• Exposure to penetration testing tools and techniques.
• Familiarity with publicly and privately disclosed vulnerabilities and ability to assess potential impact.
• Understanding of secure development practices (design, coding, testing, documentation).
• Experience developing internal security tools or automation scripts.
• Knowledge of PHP or other web programming languages is an advantage.
• Fluent in English, both written and spoken.