At Ericsson, you can be a game changer! Because working here isn’t just a deal. It’s a big deal. This means that you get to leverage our 140+ years of experience and the expertise of more than 95,000 diverse colleagues worldwide. As part of our team, you will help solve some of society´s most complicated challenges, enabling you to be ‘the person that did that.’ We’ve never had a greater opportunity to drive change; setting the bar for technology to be inclusive and accessible; empowering an intelligent, sustainable, and connected world.

Are you in?

Security Operations Analyst L2

Job Description

Date: Jan 6, 2020

Our vision and purpose: “Our purpose is to empower an intelligent, sustainable and connected world. For more than a century, we have been putting smart tools in the hands of people in every sector of our society, creating intelligent technologies that drive positive change. We remain committed to this effort, leaving no one behind.” - Börje Ekholm, President and CEO, Ericsson


So..who is Ericsson today and, how it supports you and the community?

In a world that is increasingly complex, we are on a quest for easy. We are creating game changing technology that is easy to use, adapt and scale, enabling our customers to capture the full value of connectivity.
Find out how our IoT, 5G and automation technology stands ready to unlock a wave of new value


The impact of your role at Ericsson:

We are now looking for a 2nd Level Security Operations professional for our Managed Security team. This position includes security event analysis, threat assessment, security incident response strategy and coordinating all cybersecurity-related investigations and incident response in partnership with the respective stakeholders within Ericsson and / or customer organization and / or 3rd Party Providers.  This position will also be responsible for vulnerability management, penetration testing, and support user access management, anti-malware/anti-virus tools, HID, DLP and data encryption as required. The professional will work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured.


You will also:


  • Perform Security Incident Management, including but not limited to: supporting SIEM tools, integrating logs into the tool, creating & modifying rules, investigating and resolving alerts, automating tasks;
  • Perform Vulnerability Management, including but not limited to: supporting scan tools, executing vulnerability scans, performing analysis, recommending / tracking mitigations;
  • Perform static and / or dynamic code scanning and / or web scanning, analyze results, and provide detailed and executive reports with the results and options for mitigation;
  • Perform penetration testing, analyze results, and provide detailed and executive reports with the results and options for mitigation;
  • Work with the various Technical Authority teams to respond & resolve security incidents effectively and quickly;
  • Coordinate, when necessary, with legal team and / or external security agencies (including the Customer’s security team) for in-depth investigation;
  • Provide Root Cause Analysis for security incidents, and outages / impairments related to security tools;
  • Research new and emerging threats to gain insight into the evolving threat landscape, and share knowledge with the team;
  • Support anti-malware / anti-virus, HID, DLP, disk encryption, and file / data integrity tools;
  • Identify, recommend, and support data encryption methods and technologies based on data classification (e.g. data encrypted at rest / in transit);
  • Drive continuous process improvements by providing inputs on the current processes and possible improvement opportunities;
  • Perform periodic reporting and when applicable, presenting to management and/or the Customer’s security team.


How your expertise will make the difference (Qualifications needed):


  • 4 to 7 years experience with at least 4 years in IT and 2 years in Security;
  • The ability to provide support after normal business hours;
  • The ability to work constructively under pressure;
  • Ability to work both in a team as well as individually;
  • Participate in the out-of-hours on call rotation, providing technical support to the business for major and critical incidents;
  • Knowledge sharing and collaboration skills;
  • Customer oriented, Service minded;
  • Deliver results and meet customer expectations;
  • Excellent communication skills; English is a must;
  • Strong knowledge of information security;
  • Working knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.);
  • Knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving;
  • Strong understanding of enterprise, network, system and application level security issues;
  • Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks also with available security control (technical & process control) for respective layers;
  • Understanding of the system hardening processes, tools, guidelines and benchmarks;
  • Fundamental understanding of encryption technologies;
  • Education: Academic degree;
  • CISSP, CISM, CEH, OSCP, Security+, CCNA Security, and ITIL certifications will be an advantage.


Benefits to suit your dreams (or What’s in it for you?)


  • Contract type: full time;
  • 25 vacation days/year (yes, we give you 4 days more, because you deserve it!);
  • WFH & Flexible Working Hours;
  • Medical & life insurance;
  • Gym subscription;
  • Career plan mentoring;
  • Flexible benefits from your favorite brands available on flexible benefits portal;
  • Internal learning platform to develop your knowledge, skills and competencies & curated external content -- articles, videos, courses, podcasts, and books from external libraries such as Skillsoft, Pluralsight, Big Think, EdX, TED Talks, Khan Academy, YouTube, and the open web itself (learning platform mobile enabled);
  • Part of an active community via Brand Ambassadors, CSR Activities, Sports Teams;
  • Competitive referral bonuses for recommending your friends to work at Ericsson;
  • In case of travel, daily allowance, transport, and accommodation will be paid by the company;
  • & more other benefits that the recruiting colleagues are looking forward to present them to you, once applied.


Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.


Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.


This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.


Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.