Customer Security Director
The Customer Security Director (CSD) is a dedicated Business Partner and Senior Advisor to the GCU / CU Head and their Sales and Delivery teams, as well as a single point of contact toward the Customer for all matters related to Security.
The CSD delivers value through their in-depth understanding of:
- The Customer and their: business environment, security-related concerns, requirements and reasons they issue these requirements (threat landscape, regulatory compliance, contractual requirements with their Customers, etc.);
- Ericsson and our portfolio, the solutions we are delivering for the Customer, internal strategies, steering documents, processes, methods, tools, models and ways of working; the organization and governance of Security within Ericsson;
- The contract(s) and agreement(s) between Ericsson and our Customer, outlining the agreed terms, conditions and requirements related to Security.
As a customer-facing role for designated key accounts, the Customer Security Director serves as the single point of contact between the Customer and Ericsson for all matters related to the Security of the solution or services proposed or provided by Ericsson. The CSD, ensures the Customer's Security concerns are identified, understood, acknowledged and addressed.
The CSD is responsible for strengthening Ericsson's capability to develop, sell and deliver solutions that efficiently and effectively meet the Customer's security needs, including:
- Share current and emerging customer security-related requirements with key stakeholders in the BAs, MAs and GFs where new or further development should be considered.
- Support CU/GCU business development by identifying leads and qualifying opportunities
- Support CU/GCU close deals by highlighting how Ericsson's proposed solution enhances the Customer's Cybersecurity and Data protection posture, differentiating Ericsson from the competition; includes leading Customer discussions, providing documentation or demos
- Coordinate and quality-assure security-related responses to RFx's and contracts.
- Support CFR, Managed Services Chief Operational Officer (MS COO) and Customer Project Managers to develop and implement a Security Plan to achieve fulfillment of contractual security requirements across all customer projects, including continuity of operations in the event of a crisis, business interruption, cyber-attack or other incidents;
- Risk management by executing appropriate measures to manage and mitigate risks and reduce potential impacts to an acceptable level;
- Support in ensuring the correct and efficient deployment of the security solution, people and process, validating the projects security strategy, and ensuring its adequacy to the customer’s particularities;
- Hold governance meetings on security subjects according to the program Governance structure;
- Support customer on strategic decisions regarding security solutions, as required;
- Actively promote awareness of the customer security requirements among staff delivering, operating or managing the solution delivery, including third parties and newly onboarded staff;
- Drive delivery excellence by continually verifying contract fulfillment of Security requirements across ongoing customer projects;
- Communicate the status of contractual compliance to the Customer on a regular basis, and provide additional information to further support security assurance upon request and as agreed in the contractual terms and conditions;
- Drive gap closure affecting the delivery, including weakness related to the delivery, solution, or enterprise security;
- Coordinate all matters related to Customer assessments and audits;
- Ensure performance measurement by measuring, monitoring and reporting security governance metrics to ensure that customers objectives are achieved.
Note: the CSD is not responsible for setting the security strategy for Ericsson's solutions (CTO responsibility), setting the security strategy for Ericsson's enterprise security (CSO responsibility), or handling security-related matters extending beyond the solution or services provided by Ericsson (e.g. incidents impacting the Customer’s perception of Ericsson).
Key interfaces for the CSD include:
- Sales team: GCU / CU Head, ACRs, CFRs, CSRs;
- Delivery team: Customer PMs, personnel in customer projects responsible for executing the security requirements, Managed Services Chief Operational Officer (MS COO), etc.
- Develop teams: solution experts, product security advisors, security & privacy solution SMEs;
- Ericsson security community: Group Security Enterprise Security Directors, PSIRT, Network Security, Security SMEs and expert functions.