ICT NAC, LAR, SkyHigh, DNS safegard & USB control Security Analyst

Job Description

Date: Jun 12, 2019

Job Summary:

We are now looking for an Information and Communication Technology (ICT) NAC, LAR, SkyHigh, DNS safegard & USB control Security Analyst.
In this role, you will ensure proper protection of information assets, accessed through the Ericsson IT environment. You will be a key player  by providing IT security operations, expertise, support and solutions, based on the IT Security requirements and enabling compliance with applicable internal /external requirements, laws, regulations and standards.

Responsibilities:

The main area & responsibilities :

  • Local Admin Rights (LAR)
    • Assess the threat posed by discovered applications within Ericsson client landscape
    • Determine the business use of discovered applications and recommend existing, approved, alternative applications
    • Classifications of applications into the functional areas, e.g. Games, Cloud Sharing, Toolbars, etc
    • Recommend applications for blocking that have no valid business use
    • Manage, research, and validate exemption requests
    • Manage the daily operation for this service
  • SkyHigh
    • Assess the threat posed by discovered website within Ericsson client landscape
    • Determine business use of discovered websites and recommend existing, approved, alternative applications if any
    • Recommend web/cloud providers for blocking that have no valid business use
    • Manage, research, and validate exemption requests
    • Manage the daily operation for this service

 

  • DNS Safeguard (Umbrella)
    • Manage the blocking of not aloud domains
    • Manage the various landing pages based on the category of not aloud web services
    • Manage the tls certificates for landing pages
    • Manage, research, and validate the exemption request
    • Manage the daily operation for this service
  • USB / mass storage blocking
    • Develop the framework for usb block
    • Develop the ordering capabilities for usb access for personal that has a documented and validated business need
    • Manage the daily operation for this service

 

The focus of the role the will be:

 

  • Work on establishing the function and setting the framework for future operations
  • Be the showcase that we can do one IT
  • Be the key drivers in the culture change
     

 

Qualifications

 

Competence:

  • Great team player in order to support the major transformation in the way Ericsson works with Cybersecurity
  • Self-driven, result-oriented, act proactively
  • Ability to build up a structure approach in driving change within and outside the own unit
  • Deep knowledge of IT with focus on Cybersecurity
  • Thorough understanding of the technology shift driving the digital transformation
  • Track record of delivering quick wins and long-term improvements
  • Excellent interpersonal skills and strong communication capabilities
  • Natural curiosity on how IT and threat landscape evolve

 

Education:

 

  • University degree in the field of IT and Cybersecurity or Long (+5 year) documented experience in the field of IT and Cybersecurity
  • You will actively and reactively ensure availability of IT security information, support and expertise
  • You will assume ownership of IT Security products, services and/or solutions, including overall strategy and roadmap for area of responsibility
  • You will handle demands, order requests and internal/external requirements, safeguarding I security services, products and architecture
  • Perform IT security monitoring and testing
  • You will contribute to internal and external IT security assessments or audits
  • Run IT security incidents in accordance with agreed and established process
  • And you will establish and leverage interfaces to relevant internal or external functions and experts

Key Qualifications:

  • Education: MSC, MBA or equivalent experience
  • Minimum years of experience: Relevant years of skill with IT Security design and architecture which include solution architecture work to identify technical vulnerabilities and possible mitigations to them

Additional Requirements:

  • Communication and people skills, as the role involves extensive interaction with internal and external partners 
  • Analytical skill 
  • Experience with regulatory requirements such as e.g. SOX, information security or IT security standards, Ericsson steering document 
  • In-depth and working knowledge of ISO 27002 controls and how they should be implemented to secure Ericsson’s information technology environment

 

Last date for application: 30th June 2019
Location: Kista, Stockholm
For queries related to the position please contact the Senior Recruiter Valentyna Ivanova at valentyna.ivanova@ericsson.com