Head of Information Security in Business Area Security

Job Description

Date: Aug 9, 2019

Job Summary:

We are now looking for a Head of Information Security in the Business Area (BA) Security unit.

This role will support in improving market and employee trust in Ericsson’s security brand by recognizing emerging trends, risks, business needs and transforming insights into Security Strategy and solutions. Drive and lead security strategy and execution.  Provide leadership and vision to the security organization. Challenge how things are done in order to create trust, business value and get results. Inspire the security organization to create business enabling solutions, methods and tools to support Ericsson’s business operations.

Business Area Security consists of a team of security professionals supporting the business within four of our major Business Areas by setting the strategic direction for Information Security, Privacy and Business Continuity Management (BCM) within these units.

The Head of Information Security reports to the Head of Business Area Security.


Purpose of Job Role

The Head of Information Security is supported by the cross-BA Security organization as well as security people in and outside of the BA’s. This role should actively support and advise the business in implementing a level of security that is in line with Ericsson´s Security Strategy, business needs and risk appetite.

The role should also lead and plan the activities of the cross-BA Information Security resources.

The role belongs to JR 31184801 Security Management and the competences should match job stage 8 of that job role.


Job Responsibilities

The Head of Information Security reports directly to the BA Head of Security and have the following responsibilities across BAs:

  • Ensure Ericsson Security Strategy is implemented throughout the BA’s and that feedback from the BA’s are communicated back to Group Security, IT Security, Product Security or other relevant units.
  • Participate in the development of the global ISMS and support the ISMS implementation in the BA’s
  • Drive Cyber Security execution in the BA’s and coordinate activities within the BA’s and other relevant units in Ericsson
  • Act as a liaison between Group Security, IT Security and Product Security in questions relating to Information and Cyber Security priorities and Investigations.
  • Ensure Information Security Resources are utilized in an efficient way cross BA's (Cross BA function and specialists within BA's)
  • Develop and maintain BA wide steering documents, processes, tools and templates for Information security.
  • Ensure best practices, processes, templates and tools are shared cross BA
  • Act as senior advisor on Information Security within BAs, to Ericsson Leadership or customers as needed and assist in escalated presales activities.
  • Support and coordinate the handling of escalated customer, partner or internal information security incidents and act as a liaison between the BA and other involved parties in investigations.
  • Monitor the market requirements on international information security standards and drive initiatives for alignment and requests for certifications
  • Represent BA Security in SMBs when requested
  • Represent BAs and engage in activities to raise information security awareness with BAs and the ICT marketspace
  • Participate in relevant assessments and audits as needed
  • Coordinate with the other cross BA Security disciplines to ensure a unified Ways of Working throughout the BA’s.


Behavioral Competences

  • Adapting & responding to change
  • Adhering to Ericsson principles & values
  • Analyzing
  • Consultative mind
  • Coping with pressures & setbacks
  • Formulating strategies & concepts
  • Deciding and initiating action
  • Leading & supervising
  • Persuading & influencing
  • Planning & organizing
  • Working with people
  • Delivering results and meeting customer expectations
  • Leadership Competences
  • Competence Drive
  • Uncompromising integrity
  • Excelling execution
  • Embracing change
  • Enabling people
  • Courageous leadership


Qualifications and Experience

  • Proven experience in implementation of Information Security Management Systems
  • Knowledge in Ericsson Security Policies, Directives and Instructions & knowledge of Ericsson business environment
  • Strong educational and work experience in IT and Information Security with minimum 10 years of hands on experience in these domains
  • Expert knowledge of Information Security related standards and regulation, including ISO/IEC 27001, NIST, 22301, PCI, Data Privacy Legislation, SOC
  • Certified Lead Auditor/Implementor of ISO 27k
  • Experience of a security leadership role
  • Security and Risk Management training/certifications or equivalent experience
  • Strong ability to communicate and collaborate effectively
  • Strong problem-solving skills, results-oriented and a strong team player.
  • Knowledge of internal and external product portfolio related to security
  • Strong experience in project or program management
  • Strong experience in customer presentations and negotiations
  • Fluent in English (verbal and written)


Recruiter: Kamila Zych (kamila.zych@ericsson.com)

Please submit your application no later than by August 23rd.


Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.

Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.

Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.


Primary country and city: Sweden (SE) || || Stockholm || IT

Req ID: 288619