Security Operations (SOC) Specialists
Job Summary - SOC Specialists – Ericsson Wallet Platform
The Ericsson Wallet Platform (EWP) is a product which enables our customers to provide mobile financial services. Customers are operators and banks, both of whom have very high expectations on the level of security which this financial solution provides and the manner in which the solution is operated, integrated and customized.
Since EWP is a product used to provide mobile financial services, special attention is given to the information security aspect of the Managed Services delivery. Namely processes, organizational elements and tooling which is specific to the EWP and is executed by Ericsson’s Security Operations Center (SOC) for EWP Managed Services.
The EWP Security Operations Centre (SOC) is organizationally part of the 2nd level operations team, but because of its role as an independent watchdog it is staffed by dedicated information security personnel whom execute the security processes throughout the whole organization and in multiple service elements. This team manages the SIEM and is its primary user.
The purpose of the SOC focuses on two goals:
- Information security risks are managed and lowered to an acceptable level.
- Compliance levels are maintained at all times.
- Access management – accounts and rights
- (Security) Incident management & investigations
- File integrity management – monitor critical changes
- Log management – monitor critical log messages
- Contractual security clauses incl. security SLA and policy compliance
In addition to the technical qualifications listed below, following qualifications apply.
- At least 5 years experience with working as a system engineer or in similar roles
- At least 2 years experience with working as a security engineer preferably in a SOC environment.
- Proven experience with security compliance
- Proven ability with taking risk based security decisions, and weighing the interest of multiple stakeholder and risk profiles against each other
- Proven ability to take in a large volume of information, such as polices, and determine their impact in a situation, e.g. whether a change request is compliant
- Proven consultancy skills
- Experience with information security in mobile financial services and/or financial services is preferred
- Experience with security certifications such as PCI DSS and ISO27001 is preferred
- High level of integrity
- Highly analytical and structured mindset
- Proven ability to multitask and handle multiple complex tasks simultaneously under time pressure; ability to prioritize
- Excellent communication skills, easy to talk to, outgoing
- Self going
- Sensitive to political aspects of vendor-customer relationships
- Ability to achieve short term results while aiming for long term goals
- You understand the compliance is not necessarily the same as security and know how to reason, argument and deliver secure and user friendly solutions which also are compliant.
- Excellent skills in interacting with staff at all levels in a professional way
- Fluent in spoken and written English
- You report to the M-Commerce security manager for everything related to your day to day work.
- You report to your line manager for everything which is outside of the above.
Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.
Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.
Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.
Primary country and city: Sweden (SE) || || Karlskrona || IT
Req ID: 281775