We are now looking for a Head of Enterprise Security to improve market and employee trust in Ericsson’s security brand by recognizing emerging trends, risk, business needs and transforming into Security Strategy and solutions. Drive and lead security strategy and execution. Provide leadership and vision to the security organization.
Challenge how things are done in order to create trust, business value and get results. Inspire the security organization to create business enabling solutions, methods and tools to support Ericsson’s business operations.
Provide leadership and courage in stressful situations such as crisis and or difficult investigations.
The Head of Enterprise Security has three main areas of responsibility: Corporate Security, Info/IT Security and Enterprise Security Governance (covering both Corporate and Info/IT Security domains).
The scope for the Corporate Security responsibilities is for all Ericsson-owned or managed sites, workforce, operations and units located within the geographic boundary of the Market Area.
Responsibilities include establishing, dimensioning and managing an organization with expertise in following enterprise security domains:
- Crisis management
- Business continuity management (in collaboration with BA Security for hosted orgs.)
- Security investigations
- Physical security management
- Security incident management
- Travel security
- Event security
- Security in high risk areas (as applicable)
- Data forensics (in selected MAs)
The ESD organization identifies and drives prioritized improvements for each domain, provides strategic, tactical and operational support, and ensures MA compliance with baseline enterprise requirements is verifiably achieved and maintained. Responsibilities also include identifying and addressing competence gaps through awareness, training and exercises.
In addition, the ESD organization is responsible for providing advisory and operational support upon request, to the following programs and activities:
- Executive protection
- Security threat intelligence
- Insider prevention
- eDiscovery, data collection and/or forensics, in support of corporate investigations or litigation hold
- Third party security assessments, including due diligence
- M&A security assessments and support
- Assessments in support of maintaining Ericsson’s insurance (e.g. Blue Audits)
The scope for the Info/IT security responsibilities are covering the MOAI dimension.
Responsibilities include establishing and managing Market Area centers-of-excellence for the following enterprise security domains:
- ISO/IEC 27001, Information Security Management System (ISMS)
- Information and IT Security
- Privacy Management
- Business Continuity Management
Enterprise Security Governance
The Enterprise Security director supports senior management in the Market Area to govern enterprise security domains within their scopes of responsibility.
- Supporting senior management in the MA to manage Enterprise Security Risk across all security domains list in Sections 3.1 and 3.2.
- Measuring and reporting Enterprise Security metrics to MA management and Group
- MA CFO (line manager)
- MA senior management, including MA Leadership Team members
- Chief Security Officer
- Group Security leadership team members
- MA Legal, HR, IT and Real Estate
- MA Compliance organization
- Heads of hosted operations
- BA Security
- Customer Security Directors supporting the MA
- Non-governmental security organizations
- Security service providers
- Security community within areas of responsibility
- Planning and organizing
- Delivering results and meeting expectations
- Relating and networking
- Writing and reporting
- Adapting & Responding to Change
- Deciding and initiating action
- Delivering results and meeting customer expectations
Personal Traits and Skills
- Ability to work well under pressure and stressful situations
- Ability to prioritize and provide effective leadership for teams and key stakeholders
- High integrity, reliable, positive, energetic, innovative, flexible
- Strong interpersonal and networking skills
- Strong interpersonal and networking skills
- Strong presentation and communications skills
- Ability to describe complex concepts concisely in executive terms
Qualifications and experience
- Academic degree of Bachelor of Science, or equivalent
- Expert knowledge in enterprise security domains, and related security standards and regulations, including ISO/IEC 27001, ISO 22301, and GDPR
- Experienced driving programs in a global organization
- In-depth Ericsson knowledge, including EGMS, EBPs, organization, frameworks
- Security or risk management certifications (e.g. CISSP, CISM, CISA) preferred
For candidates located in Singapore, we will not be providing a work permit/visa, relocation assistance for this position.
Last date to apply for this position is 6 April 2020
Tag: MOAIHJ HJ *LI-AS2
Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.
Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.
Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.
Primary country and city: Malaysia (MY) || || Singapore || Consulting&SysInt
Req ID: 354022