Security compliance and risk manager, Digital Services Security Center
The future will look very different and the future starts today. We are re-inventing the service provider experience and intend to accelerate the latest innovations seen in both mobile and cloud.
Ericsson Digital Services does this by delivering best in class solutions and platforms with leading technologies, built and delivered by the best people. Now we’re taking the next step, leveraging web scale with an iconic user experience for our customers and their customers, and therefore be the partner of choice for service providers. Ericsson Digital Services provides solutions and platforms in OSS, BSS, Telecom Core, Communication Services and Cloud Infrastructure – leveraging cloud and automation technology.
Security is a rapidly changing field with activities ranging from advanced penetration testing to strategic governmental and industry relations within the cyber security domain. Digital Services Security Center consist of highly motivated specialist and leaders in various disciplines. The unit works across the Digital Services portfolio and interacts with a very mixed audience, ranging from senior customer engagements to explaining & educating designers, testers & deployment personnel. The portfolio is an advanced mixture of systems ranging from dedicated hardware to advanced microservices architecture running on distributed containerized infrastructure in hybrid clouds.
We currently have a vacancy for a Security compliance and risk manager, a member of Digital Services Security Center. DGS have customers all over the globe utilizing both public and customer specific frameworks requiring a highly skilled security coordinator that can correlate a vast set of requirements and regulatory input into tangible results. You will be tasked with evaluating global frameworks in combination with proprietary requirement into aggregated, tangible and actionable prioritized dataset for security and privacy. In cooperation with technical expertise you are expected to identify the key activities that is required in this new landscape. Your competence and findings will be utilized both in prioritization of new capabilities, improvements to methodologies, input to test & verification activities and prioritizations for our Red team. You will be part of the Security Center team and are expected to be able to work in a team collaborative environment. You will be tasked with continuously maintain and evaluate new requirements and expectations and identify gaps as they appear. You are expected to work in co-operation with other units in Ericsson to gather the information needed.
Qualifications and Experience
- At least 5-7 years’ experience from working with Security related activities in Development, Operations, Legal environment and/or Service Delivery
- Competence in global frameworks such as GDPR, NIST, CIS, ISO 27001, SANS, OWASP, SECAM, SOX, PCI-DSS, ANSSI, ETSI-NFV, ePriv, CSA a.o. is beneficial
- You are expected to be a certified ISO Lead implementer or have equivalent track record in at least one of the relevant frameworks
- Proven experience from managing business sensitive and highly confidential information
- A plus if you have proven Digital Services domain competence (Products & Services) and/or experience/knowledge from Ericsson Product Security governance (i.e. AoR, SRM, BSR, SDR, etc.)
- A plus if you are an Ericsson Certified Security Associate
- Strong ability to work structured with large datasets of mixed origin.
- Strong Result orientation and drive
- Strong relationship and networking skills
- Self-motivated, able to influence others
- Excellent presentation skills and ability to convey key messages and customer value
- Strong ability to lead, inspire and motivate
If you have any question, please contact Anders Rosengren, Head of Architecture & Technology or Carl Berg, HR Business Partner
Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.
Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.
Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.
Primary country and city: Sweden (SE) || || Stockholm || IT
Req ID: 278713