ICT Security Analyst Job stage 5

Job Description

Date: Jul 2, 2019

Job Summary:

We are now looking for an Information and Communication Technology (ICT) Security Analyst. In this role, you will ensure proper protection of information assets, accessed through the Ericsson IT environment. You will be a key player  by providing IT security operations, expertise, support and solutions, based on the IT Security requirements and enabling compliance with applicable internal /external requirements, laws, regulations and standards.


  • To perform of IT security Operations (24 x 7, 365 days per year) and ensure that Operational objectives are achieved.
  • Good knowledge about process / metrics and IT Security Controls. Ability to create new process and reporting matrices as and when required
  • Responsible to execute Ericsson IT Security requirements.
  • Identify and Drive process improvements in Security Operations and Incidents and project to the next level to implement
  • Good knowledge of security tools and technology such as Network IDS/IPS, Firewall, Host IDS / IPS, Antivirus, Windows Active Directory and Linux Operating System.
  • Acquire and analyse the triage on all incidents to rapidly diagnose problems and identify immediate treatment.
  • Perform detailed security event analysis, event investigation and validation, correlation and trending to ensure threats are identified and escalated accordingly
  • Investigate and find root causes of incidents and document the lessons learned.
  • Provide recommendation plan to coordinate/support incident response process for remediation
  • Good technical skill in malware analysis and reverse engineering.
  • Perform root cause analysis, trending and reporting for critical security incidents
  • Develop and Implement Use Cases for security event and incident management (leveraging SIEM solutions and other technologies)
  • Identify technologies and solutions related to infrastructure and business applications that are to be monitored for security threat detection
  • Analyze and contextualize threat intelligence feeds (zero-day vulnerabilities, malware, etc.) and provide applicable solutions to implement protective controls and/or countermeasures
  • Perform analysis and identify opportunities tune and improve efficiency of SIEM, IDS/IPS, Malware detection technologies, and other technologies related to detecting emerging threats.
  • Develop and execute continuous improvement plan to optimize and improve efficiency of various cyber defense technologies.
  • Perform routine security functions for risk detection, prevention, and response
  • Demonstrate technical skills in security architecture review, secure network design review, gap analysis and opportunity to fine-time and/or integrate security technologies


Technical Qualifications:

  • Experience in IT Security and risk management. IT Security related certification like CEH and Incident Response certification is an added advantage.
  • Knowledge of traditional Endpoint, Network, Perimeter and Endpoint Detection Response security product solutions owned by Symantec, McAfee, Cisco, Checkpoint, Juniper, Fireeye and Carbon Black
  • Good administration and troubleshooting skills on two or more technologies mentioned above would be desired
  • Exposure to Windows, Linux and Open Source Intelligence
  • Excellent technical documentation skills
  • Extensive knowledge in Security risk assessment. Implementation of solutions
  • Learning and Researching

Key Qualifications:

  • Education: BE or any bachelor’s degree
  • Total 5 to 7 years of experience with at least 5+ years of experience in IT Security
  • Ability to work at odd hours
  • Interested in Technology and Communication.
  • Good documentation skills
  • The ability to work constructively under pressure.
  • Flexibility and ability to work both in a team as well as individually.
  • Excellent communication skills

Additional Requirements:

  • Communication and people skills, as the role involves extensive interaction with internal and external partners 
  • Analytical skill 
  • Experience with regulatory requirements such as e.g. SOX, information security or IT security standards, Ericsson steering document 
  • In-depth and working knowledge of ISO 27002 controls and how they should be implemented to secure Ericsson’s information technology environments