Senior Security Architect - South Africa
The Ericsson Wallet Platform (EWP) is a product which enables our customers to provide mobile financial services. Customers are operators and banks, both of whom have very high expectations on the level of security which this financial solution provides and the way the solution is operated, integrated and customized.
Contracts with customers include security SLAs and mandatory compliance levels against customer and Ericsson security policies, security standards and benchmarks such as PCI DSS, ISO27001, Center for Internet Security benchmarks, OWASP, etc. They also include compliance obligations against regulation on financial services, information security, data protection and related areas.
Your primary responsibility is to ensure the security of our Wallet Platform deliveries within MS (Managed Services), ADM (Application development management) and CSI (consulting and solution integration) and compliance against contractual obligations.
Your secondary responsibility is to act as a coach to all staff involved and manage the security relationship with the customer and third parties.
You achieve these through the following activities:
Act as a security point of contact for group customer account and drive security governance both with external customer and internal stakeholders. Drive prioritized improvement initiatives in key strategic and operational areas. Execute through strong relationships with internal and external stakeholders
Analyze policies, standards, benchmarks and other documentation, as well as compliance tool reports and ensure the EWP product and solution are configured in a compliant manner. Also ensure that solution additions or changes are specified, designed, tested and implemented in a compliant manner. This involves document research, workshops, gap analyses, configuration and WoW specifications, etc.
Ensure security quality assurance by reviewing deliverables from CSI and ADM teams such as solution description documents, requirements list, custom software solutions and system configuration, etc. and provide approval for these. Provide guidance on how such deliverables need to be changed in order to be more secure and compliant.
Answer questions on security by customers, CSI and ADM team members and others and actively engage them to increase security awareness and understanding of how to achieve compliance. Ensure both customer and Ericsson risks are well managed, and escalations avoided. Identify gaps and define appropriate solutions for them. Provide best practice and compliant solutions which are simple, elegant, effective, cost conscious and secure. Assist the CSI and ADM team members in configuring security features and securely configuring non-security features. Actively avoid a silo-ization of security, since secure behavior and security knowledge should exist in all team members.
You work very closely with the security teams in the Ericsson M-Commerce and in coordination with them execute projects to increase compliance, improve security, simplify and reduce cost.
At least 5 years’ experience as an information security architect, consultant or line function
At least 8 years’ experience with working in a leading role, preferably within IT security domains.
Proven experience with security compliance
Proven ability with taking risk-based security decisions, and weighing the interest of multiple stakeholder and risk profiles against each other
Proven ability to take in a large volume of information, such as polices, and determine their impact in a particular situation, e.g. whether a change request is compliant
Proven consultancy skills
CISSP or similar certification
Experience with information security in mobile financial services and/or financial services is preferred
Experience with implementing security certifications such as PCI DSS and ISO27001 is preferred
High level of integrity
Highly analytical and structured mindset
Proven ability to multitask and handle multiple complex tasks simultaneously under time pressure; ability to prioritize
Excellent communication skills, easy to talk to, outgoing
Sensitive to political aspects of vendor-customer relationships
Ability to achieve short term results while aiming for long term goals
You understand the compliance is not necessarily the same as security and know how to reason, argument and deliver secure and user-friendly solutions which also are compliant.
Excellent skills in interacting with staff at all levels in a professional way
Fluent in spoken and written English
You report to the M-Commerce security manager for everything related to your day to day work.
You report to your line manager for everything which is outside of the above.
Work location and team
You work for one customer with subsidiaries in multiple countries in Africa and the Middle East. You like to travel and work in very diverse environments.
Why is Ericsson a great place to work?
Ericsson enables communications service providers to capture the full value of connectivity. The company’s portfolio spans Networks, Digital Services, Managed Services, and Emerging Business and is designed to help our customers go digital, increase efficiency, find new revenue streams, and create new user experiences. Ericsson’s investments in innovation have delivered the benefits of telephony and mobile broadband to billions of people around the world ensuring our solutions – and our customers – are at the forefront of innovation. We support networks that connect more than 2.5 billion subscribers. With over 95,000 employees and customers in 180 countries, we combine global scale with technology and service leadership. 40 percent of the world’s mobile traffic is carried over an Ericsson network. And, our Technology for Good and Connect to Learn programs include creating technology that makes it easier to save lives, feed societies, bring technology to emerging markets and connectivity to remote areas, and grow businesses and prosperity.
At Ericsson, we give our employees the freedom to think big and navigate their career, on a global scale. We create technology that helps others, from helping people enjoy their favourite content to helping people recover from natural disasters by enabling better communications between rescue workers. Your ideas and innovations can turn into achievements that impact society and change the world, creating new connections, new possibilities, and new capabilities. We find that Ericsson is at its best when we bring together the diverse skills of our people. Working across business areas, across cultures, across geographical borders, across technical disciplines. More often than not, across ground-breaking solutions. Next generation technology can be staggeringly complex. But the simpler it is to use; the more people benefit from it. Join us and help build technology that makes it simple to connect with information, business, societies, and each other.
TAG: MMEAHJ HJ
Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.
Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.
Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.
Primary country and city: South Africa (ZA) || || Johannesburg || Consulting&SysInt; IT; ProdMgt; R&D; SalesStratMkt&ComMgt; ServEng; SharedServ; Stud&YP; Supply&Log
Req ID: 274883