At Ericsson, you can be a game changer! Because working here isn’t just a deal. It’s a big deal. This means that you get to leverage our 140+ years of experience and the expertise of more than 95,000 diverse colleagues worldwide. As part of our team, you will help solve some of society´s most complicated challenges, enabling you to be ‘the person that did that.’ We’ve never had a greater opportunity to drive change; setting the bar for technology to be inclusive and accessible; empowering an intelligent, sustainable, and connected world.

Are you in?

BNEW Security Risk Manager

Job Description

Date: Dec 4, 2019

BNEW has a team of security professionals supporting the business by setting the strategic direction for Information Security, IT Security, Privacy and Business Continuity Management (BCM). The team works closely with the Product Security organization in BNEW as well as other security functions cross Ericsson. 
BNEW Security Risk Manager is overall responsible for ensuring that BNEW maintains order and uniformity in our Security Risks in line with Group Policies and Directives. 
The BNEW Security Risk Manager reports to Head of BNEW Security.


The BNEW Security Risk Manager is responsible for maintaining the BNEW security risk register in line with Group Directives. This function should also ensure BNEW risks are communicated and synchronized with units in BNEW as well as with BA/MA/GF. This role should guide and support the business in security risks management methodology used by Ericsson.


Job Responsibilities 
The BNEW Security Risk Manager reports directly to the BA Head of Security and have the following responsibilities across BAs:
•    Follow up and facilitate Information Security Risks Assessment (ISRA) process
•    Support larger BNEW sub-units with ISRA
•    Facilitate/guide smaller BNEW sub-units
•    Drive and consolidate Security Improvement plan based on input from Risks, internal assessments, audits and ISMS maturity
•    Follow up on all and drive/engage in selected Risk Treatment Plans (RTP)
•    Handle risk escalations towards Group and other MAs/BAs
•    Manage BNEW exemptions for IT exemptions and Steering document exemptions 
•    Analyze and consolidate key risks and trends in risk assessments
•    Quality assurance of ISRA – Information Security Risk Assessments
•    Proactively drive improvements, simplification and automation of ISRA and continuous security risk management in BNEW
•    Ensure the Business Areas have the right level of ISMS implementation to be compliant with the ISO27001 standard.
•    Ensure risks are followed up on in SMB and other governance meetings and were applicable record decisions taken is such forms


Qualifications and Experience

•    Strong educational and work experience in IT and Information Security with minimum 10 years of hands on experience in these domains
•    Knowledge of Information Security related standards and regulation, including ISO/IEC 27001, ISO27005, ISO 31000, SOC
•    Security and Risk Management training/certifications or equivalent experience
•    Ability to communicate and collaborate effectively
•    Strong problem-solving skills, results-oriented and a strong team player.
•    Knowledge of internal and external product portfolio related to security
•    Experience in project or program management
•    Experience in customer presentations and negotiations
•    Fluent in English (verbal and written)


Recruiter: Kamila Zych
Please submit your application documents in English no later than by December 17th,2019.


Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.

Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.

Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.


Primary country and city: Sweden (SE) || || Stockholm || ProdMgt

Req ID: 307232