API Security Architect

Posted date: Jun 10, 2021

Location: Bangalore, KA, IN

Company: Ericsson

As the tech firm that created the mobile world, and with more than 54,000 patents to our name, we’ve made it our business to make a mark. When joining our team at Ericsson you are empowered to learn, lead and perform at your best, shaping the future of technology. This is a place where you're welcomed as your own perfectly unique self, and celebrated for the skills, talent, and perspective you bring to the team. Are you in?

Come, and be where it begins.

Our Exciting Opportunity

At Solution Area Enterprise Systems, within Ericsson Group IT, we run IT like a business. This means focusing on the value we deliver; on top of costs we generate. We make the step from consuming technology to actively identify, cultivate, and develop new technology – but only that which will deliver value to our customers!

We are now looking for an API Security Architect to join our team.

In this global role, you will be part of a hard-working team working with digital product API. As an API Security Architect you will be working with an engaging group of API architects within API enablement center, proposing solutions and driving standard methodologies. You will interact with Product Owners, Transformation Managers, Technical Managers, Solution Architects Ericsson employees, who are work for Ericsson Group API and B2B integration capabilities.

This team is responsible for Scaling-API and B2B Integrations Solutions that supports Ericsson Group business worldwide. Scaling-API is a digital product, being incubated in a venture funding model. B2B Integrations Solutions seeks to meet Ericsson customer and partner need of commerce data and information. This team also primes in other company-wide change programs, like Digital Transformation, IT Modernization, Automation etc, in addition to redefining existing Services/Solutions through crafting enabling products.

We truly believe in happiness; we enjoy and feel passionate about what we do and value each other’s technical competence deeply!

You will

  • Be part and contribute in crafting an agile and productive work environment, that is international in nature.
  • Pro-actively ensure availability of API security information through design reviews.
  • Collaborate with IT Product Managers and coordinate with them to define, select, develop, implement, and handle required API Security solutions to protect APIs from all sorts of external and/or internal security threats.
  • Handle demands, order requests and internal/external requirements, safeguarding security services, products and architecture.
  • Support and perform API security monitoring and testing and chip in to internal and external IT security assessments or audits.
  •  Good Expereince in performing IT security incidents in accordance with agreed and established process
  • Establish and demonstrate interfaces to relevant internal or external functions and specialists.

To be successful in the role you must have

  • Work experience: Should have 8+ years of total work experience within IT domain, with 3+ years of proven similar work experience in API Security area.
  • Solid background in API (application programming interface) development Security requirements (e.g. Authentication vs. Authorization, API Keys. OAuth 2.0, SAML, etc.)
  • Solid grasp on security topics like Single Sign On, IAAA Framework, Cloud Security, Security Protocols, Risk Management, Access Control, Cryptography, Operations Security and Communication Security, Principles of SAST and DAST.
  • Good Understanding and experience of Agile delivery model.
  • Proven experience in IT and API Security design and architecture which include solution architecture work to identify technical vulnerabilities and possible mitigations to them.
  • Demonstrable experience in IT Security, Information Security, Data Privacy, IT Application Development, Application Maintenance or Operations.
  • Understanding of different access management controls like RBAC/ABAC etc.
  • Business understanding from IT perspective, and understanding of IT Security linkage in Application development lifecycle. (Concept to Retire)
  • Data Privacy Knowledge i.e. GDPR.
  • Experience with regulatory requirements such as e.g. SOX, information security or IT security standards, Ericsson steering document.
  • Solid grasp of ISO 27002 controls and how they should be implemented to secure Ericsson’s information technology environments.

What´s in it for you?

Here at Ericsson, our culture is built on over a century of daring decisions. With us, you will no longer be dreaming of what the future holds – you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way to move your career in any direction you want; with hundreds of career opportunities in locations all over the world, in a place where co-creation and collaboration are embedded into the walls. You will find yourself in a speak-up environment where compassion and humanness serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global company where your chance to create an impact is endless.

What happens once you apply?

To prepare yourself for next steps, please explore here: https://www.ericsson.com/en/careers/job-opportunities/hiring-process

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Do you believe that an organization fostering an environment of cooperation and collaboration to execute with speed creates better business value? Do you value a culture of humanness, where fact based decisions are important and our people are encouraged to speak up? Do you believe that diverse, inclusive teams drive performance and innovation? At Ericsson, we do.

We provide equal employment opportunities without regard to race, color, gender, sexual orientation, transgender status, gender identity and/or expression, marital status, pregnancy, parental status, religion, political opinion, nationality, ethnic background, social origin, social status, Indigenous status, disability, age, union membership or employee representation and any other characteristic protected by local law or Ericsson’s Code of Business Ethics.

Job Segment: Architecture, Law, Developer, Risk Management, Engineering, Security, Legal, Technology, Finance