Network Security Compliance Spec V
Ericsson is a world leading provider of telecommunications equipment and related services to mobile and fixed network operators globally. Present in 140 countries, we are one of the few companies worldwide that can offer end-to-end solutions for all major mobile communications standards.
Ericsson is looking for Senior Information and Communication Technology (ICT) Security Compliance and operations candidate ensuring network and systems security of Ericsson’s managed services customers. This position will interface directly with Ericsson Managed Services teams as well as our customers’ security teams. In this role, you will be a key player by leading Security compliance with applicable internal /external requirements, laws, regulations, implement security controls and processes and standards providing IT security operations, expertise, support and solutions, based on the IT Security requirements.
- Lead, establish and maintain a security posture that fosters appropriate, demonstrable, coordinated security policies, procedures controls and practices that are compliant with related law, regulation, policy and professional standards.
- Proven track record of running information security programs for large customers with experience communicating program status and operational metrics to executives
- Establish and maintain a system that fosters the routine use of risk assessments and risk management planning using existing tools related to the information security features specific to the Managed services centralised delivery hosting platform and solutions, networks, and related administrative activities such as running Local Security Management board (LSMB) meetings.
- Function as a Subject Matter Expert (SME) on cyber security technical capabilities, service delivery and solution architecture based on industry standard frameworks (NIST, ISO, PCI, ITIL, COBIT, TOGAF) industry frameworks and standards
- Experience implementing or evaluating security compliance requirements for SOX, PCI, ISO 27001, HIPAA.
- Run IT security incidents in with agreed and established process
- Establish and leverage interfaces to relevant internal or external functions and experts.
- Report to Service Delivery Director and work closely with Regional Security Director on the status and reporting of information security.
· Security Director, MSCOO, SDU, Group Functions Security, Business Units Security
· External (including Customer), 3PP vendors and audit agencies and Internal security professionals.
- Business: Act to Win, Execute and accelerate, Accountable, Customer Oriented Customer Relationship Skills, Ericsson Knowledge, and Risk & Changes/Negotiation.
- Human / Relationship: Acts with Integrity, Adaptable / Flexible, Builds Relationships, Communicates Effectively, Influences Others, Leadership Skills, Positive Attitude, Promotes Empowerment, and Provides Feedback.
- Operations: Domain experience: IT and enterprise Security
Change Management, Execution Driven, Operational Efficiency, Performance Oriented and Process Management.
- Technical / Professional:
- Relevant years of skill with IT Security which include Security compliance, Security operations work
- SOC1, SOC2, HIPPA, PCI etc. Compliance experience.
- Security certifications GSEC, CISA, CISSP, CISM, CISA, MISM, ISA, PCIP preferred.
- Qualified Security Assessor will be an advantage.
- Experience with implementation of industry standards: NIST, COBIT 5, ISO 27000 series.
- In-depth and working knowledge of ISO 27001 controls and how they should be implemented to secure Ericsson’s information technology environments
- Application Security, Cloud Security, Endpoint Security
- Enterprise Application Security, IAM, Information and Network Security
- Security information and event management (SIEM)
Minimum Education & Experience
- BS/MS degree in Computer Science, Electrical Engineering or Management Information Systems or acceptable equivalent.
- 5-10 years’ experience in IT Security operations and compliance
- Must exhibit technical leadership ability and excellent interpersonal communication skills.
DISCLAIMER: The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position. Therefore employees assigned may be required to perform additional job tasks required by the manager.
We are proud to be an EEO/AA employer M/F/Disabled/Veterans. We maintain a drug-free workplace and perform pre-employment substance abuse testing.
Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, protected veteran status, union membership or genetics information. Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.
Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, gender identity, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, protected veteran status, union membership or genetic information.
Ericsson will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by Ericsson or (c) consistent with Ericsson’s legal duty to furnish information.
Employee Polygraph Protection Act Notice - Employers are generally prohibited from requiring or requesting any employee or job applicant to take a lie detector test, and from discharging, disciplining, or discriminating against an employee or prospective employee for refusing to take a test or for exercising other rights under the Act. For more information, visit https://www.dol.gov/whd/regs/compliance/posters/eppac.pdf.
Ericsson is an equal opportunity employer and is committed to providing reasonable accommodation for qualified disabled individuals during the application and hiring process. Ericsson will make modifications or adjustments to the job application or interview process that will enable a qualified applicant to be considered for a position. If you require an accommodation due to a disability, please contact Ericsson at firstname.lastname@example.org or (866) 374-2272 (US) or (877) 338-9966 (Canada) for further assistance.
Primary country and city: United States (US) || || Plano || SharedServ