Ericsson is continuously monitoring the global situation in relation to the Novel Coronavirus (COVID-19). Our absolute priority is to protect the health and safety of our employees, candidates, customers and partners. We are taking all precautionary measures when and where needed. These are based on the assessment of the current situation, advice from the World Health Organization, and national government directives.

With those measures in place, we continue to recruit for positions across the world while adjusting recruiting processes and activities to reflect changing circumstances. During this time it may take longer to process applications. We thank you for your patience and understanding.

At Ericsson, you can be a game changer! Because working here isn’t just a deal. It’s a big deal. This means that you get to leverage our 140+ years of experience and the expertise of more than 95,000 diverse colleagues worldwide. As part of our team, you will help solve some of society´s most complicated challenges, enabling you to be ‘the person that did that.’ We’ve never had a greater opportunity to drive change; setting the bar for technology to be inclusive and accessible; empowering an intelligent, sustainable, and connected world.

Are you in?

Head of Enterprise Security

Job Description

Date: Mar 15, 2020

Job Summary:

We are now looking for a Head of Enterprise Security to improve market and employee trust in Ericsson’s security brand by recognizing emerging trends, risk, business needs and transforming into Security Strategy and solutions. Drive and lead security strategy and execution.  Provide leadership and vision to the security organization.

Challenge how things are done in order to create trust, business value and get results. Inspire the security organization to create business enabling solutions, methods and tools to support Ericsson’s business operations.

Provide leadership and courage in stressful situations such as crisis and or difficult investigations.

 

Responsibilities

The Head of Enterprise Security has three main areas of responsibility: Corporate Security, Info/IT Security and Enterprise Security Governance (covering both Corporate and Info/IT Security domains).

 

Corporate Security

The scope for the Corporate Security responsibilities is for all Ericsson-owned or managed sites, workforce, operations and units located within the geographic boundary of the Market Area.

Responsibilities include establishing, dimensioning and managing an organization with expertise in following enterprise security domains:

  • Crisis management
  • Business continuity management (in collaboration with BA Security for hosted orgs.)
  • Security investigations
  • Physical security management
  • Security incident management
  • Travel security
  • Event security
  • Security in high risk areas (as applicable)
  • Data forensics (in selected MAs)

 

The ESD organization identifies and drives prioritized improvements for each domain, provides strategic, tactical and operational support, and ensures MA compliance with baseline enterprise requirements is verifiably achieved and maintained. Responsibilities also include identifying and addressing competence gaps through awareness, training and exercises.

In addition, the ESD organization is responsible for providing advisory and operational support upon request, to the following programs and activities:

  • Executive protection
  • Security threat intelligence
  • Insider prevention
  • eDiscovery, data collection and/or forensics, in support of corporate investigations or litigation hold
  • Third party security assessments, including due diligence
  • M&A security assessments and support
  • Assessments in support of maintaining Ericsson’s insurance (e.g. Blue Audits)

 

Info/IT Security

The scope for the Info/IT security responsibilities are covering the MOAI dimension.

Responsibilities include establishing and managing Market Area centers-of-excellence for the following enterprise security domains:

  • ISO/IEC 27001, Information Security Management System (ISMS)
  • Information and IT Security
  • Privacy Management
  • Business Continuity Management

 

Enterprise Security Governance

The Enterprise Security director supports senior management in the Market Area to govern enterprise security domains within their scopes of responsibility.

Responsibilities include:

  • Supporting senior management in the MA to manage Enterprise Security Risk across all security domains list in Sections 3.1 and 3.2.
  • Measuring and reporting Enterprise Security metrics to MA management and Group

 

Typical interfaces

Internal:

  • MA CFO (line manager)
  • MA senior management, including MA Leadership Team members
  • Chief Security Officer
  • Group Security leadership team members
  • MA Legal, HR, IT and Real Estate
  • MA Compliance organization
  • Heads of hosted operations
  • BA Security
  • Customer Security Directors supporting the MA

External:

  • Non-governmental security organizations
  • Security service providers
  • Security community within areas of responsibility

 

Behavioral competences

  • Planning and organizing
  • Delivering results and meeting expectations
  • Relating and networking
  • Writing and reporting
  • Adapting & Responding to Change
  • Deciding and initiating action
  • Delivering results and meeting customer expectations

 

Personal Traits and Skills

  • Ability to work well under pressure and stressful situations
  • Ability to prioritize and provide effective leadership for teams and key stakeholders
  • High integrity, reliable, positive, energetic, innovative, flexible
  • Strong interpersonal and networking skills
  • Strong interpersonal and networking skills
  • Strong presentation and communications skills
  • Ability to describe complex concepts concisely in executive terms

 

Qualifications and experience

  • Academic degree of Bachelor of Science, or equivalent
  • Expert knowledge in enterprise security domains, and related security standards and regulations, including ISO/IEC 27001, ISO 22301, and GDPR
  • Experienced driving programs in a global organization
  • In-depth Ericsson knowledge, including EGMS, EBPs, organization, frameworks
  • Security or risk management certifications (e.g. CISSP, CISM, CISA) preferred

 

Important Note:

For candidates located in Singapore, we will not be providing a work permit/visa, relocation assistance for this position.

Last date to apply for this position is 6 April 2020

Tag: MOAIHJ HJ   *LI-AS2

 

 

Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.

Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.

Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.

 

Primary country and city: Malaysia (MY) || || Singapore || Consulting&SysInt

Req ID: 354022