Cybersecurity Analyst and/or Developer – Vehicle Security Operation Centre (VSOC)

Scania is transforming from being a leading supplier of trucks, buses, and engines to offering complete and sustainable transport solutions. We are looking for both a developer and a cybersecurity analyst to join our Vehicle Security Operation Centre (VSOC) within research and development.

 

Role Overview

 

Are you passionate about vehicles and eager to contribute to vehicle cybersecurity? Do you enjoy analyzing log data to uncover anomalies? If so, we have an exciting opportunity for you. We are looking for a skilled Cybersecurity Operations Analyst or Developer to join our Product Cybersecurity team.

In this role, you will monitor product data flows for anomalies, search for cybersecurity threats and vulnerabilities, and help prevent or remediate security incidents. Your work will enhance our cybersecurity capabilities by developing advanced detection mechanisms to defend against emerging threats.

 

What you will do

 

• Developer:
  • Develop and adjust tools, including implementing triggers for cybersecurity events.
  • Engage in trigger development process, perform confirmation and verification review
  • Continuously improve the development of our SIEM system (Security Information Event Management).
  • Collaborate with other analysts and teams to enhance triage algorithms.

 

• Cybersecurity Analyst:
  • Monitor anomalies and identify potential threats to vehicles.
  • Define and decide on possible actions in threat hunting/threat intelligence.
  • Support PSIRT in incident investigation

 

The skills you bring

 

You are analytical and detail-oriented, with strong cybersecurity knowledge and an interest in automotive technology and communication protocols.

 

Additionally, you should have:

• Technical background with experience in automotive, Cybersecurity or Security Operations Center
• Previous SOC/monitoring experience is a plus.
• Must be proficient in Python, knowledge of Pandas, PyCharm, Pytorch is a plus

• Experience in analyzing large datasets using SQL, R, or Pandas
• Knowledge of GITLAB
• An understanding of or willingness to learn about ISO 21434 compliance
• Knowledge of UNECE R155 is a plus
• Desired certifications could be relevant:

• CompTIA Security+, GCIH, CySA+, CSA, CASEC(TÜV), Offsec SOC-200 OSDA

 

As a person you are communicative and good at collaborating. You are structured, and have the ability to set and keep deadlines, as well as show good judgment under time pressure. You feel comfortable describing your work and explaining findings to the team and our stakeholders. Most importantly, you are interested in the area of product cybersecurity and want to be part of building our cybersecurity defense in depth. 

 

About Us

 

We are a dynamic team of experts working at the forefront of innovation in connected vehicles, our mission is to ensure they remain safe, secure, and resilient in the face of evolving cybersecurity threats. We operate with integrity, and with dedication to our core values.  

If you are ready to take your career to the next level and contribute to the cybersecurity of the new generation of vehicles, we want to hear from you. 

 

What Scania Offers

 

We offer a dynamic, flexible workplace with hybrid work options, including Scania Sergel and Midway hubs. With a structured development plan and courses, Scania supports your career growth both locally and internationally.  
 

Benefits include training at our health center Gröndal or wellness allowance, result bonus, flexible hours, and company car leasing. Scania also hosts events for employees and their families, and Stockholm residents enjoy direct access to Södertälje via Scania Job express buses.

 

Application

 

Please submit your CV and any relevant certificates. The application deadline is 2025-03-24, and screening will take place on an ongoing basis. Logical and personality tests may be used as part of the selection process, and a background check may be required.

For more information, contact Jenny Holmqvist, Manager, Cybersecurity Monitoring and Incident Response, at +46(0)8 553 817 54.