ICT Security Analyst
ICT Security Analyst
What does your future look like?
We are on the brink of the Networked Society - a technology revolution that will change the world for good through instant global connections and expanded freedom and opportunity.
Ericsson is a world leader in the rapidly changing environment of communications technology – providing equipment, software and services to enable transformation through mobility. Headquartered in Stockholm – Sweden, Ericsson is a publically listed company with more than 115,000 employees.
More than 180 countries use Ericsson equipment and more than 40 percent of the world's mobile traffic passes through Ericsson networks. Technology is at the heart of our business. Ericsson engineers, researchers and scientists around the world are working on what’s next in information, communications and telecommunications (ICT).
A connected world is just the beginning. Your passion determines what comes next! Apply your ideas and insights to empowering people, business and society.
Come and discover what makes YOU + ERICSSON a powerful combination
We welcome the opportunity to meet you!
We are now looking for an Information and Communication Technology (ICT) Security Analyst. In this role, you will ensure proper protection of information assets, accessed through the Ericsson IT environment. You will be a key player by providing IT security operations, expertise, support and solutions, based on the IT Security requirements and enabling compliance with applicable internal /external requirements, laws, regulations and standards.
IT Security works to ensure that Ericsson has risk-based compliance & IT security mechanisms in place, based on internal and external demands. Compliance & IT Security analyzes, steers, supports and monitors compliance & security in order to achieve the right balance between risk, cost and efficiency.
ERP Security is part of IT Security. The unit specializes in managing security and user accesses in key IT business applications. The SAP landscape with ONE, EBW, EB, HRMS and BPC are examples of global applications where ERP Security is heavily involved in the ongoing operations and security.
ERP Security is accountable for the end-to-end SAP access management delivery, which includes ownership and governance of security concepts, demand to solution, user administration services and end-user support flows. We also have a large technical service delivery outsourced to external suppliers, primarily in India.
The ERP Security Operator performs validation of end-user access requests towards predefined rules, manages 2nd line support for business end-users and IT suppliers (non-business), monitors and supports system segregation of duties (SoD), and performs SOX/internal security controls on a global level. Some user administration & monitoring services will also be performed for sensitive applications going forward.
Main responsibilities include:
- Validate end-user access requests based on predefined rules and after performed analysis perform system approval/rejection in GRC AC application
- If first line support (1st line contact center) fails, help end-users to find a suitable solution or way forward.
- 2nd line support troubleshooting for SAP IT access roles: Verify that the end-user has relevant system roles and other (system specific) relationships, based on user’s organizational assignment, job role, and tasks
- Provide expert guidance and information to stakeholders on SAP R&A processes, e.g. user administration processes, demand to solution processes, incident & support handling processes etc.
- Support SAP implementation projects for companies/units supported related to user role mapping, expert guidance and go-live system preparations
- Initiate user administration services from application operations suppliers (IBM, TCS & HP) and manage potential escalation of service
- Maintain support information published on official support sites
- Manage content in ordering systems and catalog’s based on companies business need
- Perform system segregation of duty (SoD) analysis and take action on high risks and unmitigated risks in collaboration with Ericsson business and ERP Security.
- Coordinate and distribute system segregation of duty (SoD) reports to company stake holders
- Execute, coordinate and document SOX controls related to access management in global SAP.
- Execute, coordinate and document internal controls related to access management in global SAP.
- Perform user administration services for selected IT applications
- Perform internal security controls and monitoring
- Be part of ERP Security internal work streams to execute on our strategy
- A Bachelor’s degree or similar experience serves as an important knowledge base for this job
- You will be provided security training and good onboarding but as a person you should have several of the following personal traits; customer focused, curious, like to challenge yourself, known for high quality work, enjoy problem solving, process & rule oriented, team player, perform fact based decisions and being a good communicator.
- Always puts the customer first and wants to be part of delivering world class services, creating a competitive edge for Ericsson
- Good communication skills, as the role involves communication and interaction with end-users, business managers and support functions
- Specific knowledge of one or several Ericsson business processes/sub-processes are valued
- Experience from support functions or service delivery (1st/2nd/3rd line support)
- Experience from working with SAP applications, enterprise portal and remedy WIH is highly valued
- Understanding of SOX and the importance of adherence to such requirements is valued
- Experience from working with SAP roles & authorizations / user administration services (valued but not required)
Preferred Qualifications & Experience Requirements:
- User access management and administration experience.
- Reports automation via MS Excel/Visual Basic.
- Basic MS Access background.
- Familiar with reporting methodologies.
Additional Requirements, Physical Demands, Region/Local Specifications:
- Local candidates ONLY
Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.
Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition,
Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.
Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.
Primary country and city: Philippines (PH) || || Taguig || IT
Req ID: 255011