Ericsson enables communications service providers to capture the full value of connectivity. The company’s portfolio spans Networks, Digital Services, Managed Services, and Emerging Business and is designed to help our customers go digital, increase efficiency, find new revenue streams, and create new user experiences. Ericsson’s investments in innovation have delivered the benefits of telephony and mobile broadband to billions of people around the world ensuring our solutions - and our customers - are at the forefront of innovation. We support networks that connect more than 2.5 billion subscribers. With close to 100,000 employees and customers in 180 countries, we combine global scale with technology and service leadership. 40 percent of the world’s mobile traffic is carried over an Ericsson network. And, our Technology for Good and Connect to Learn programs include creating technology that makes it easier to save lives, feed societies, bring technology to emerging markets and connectivity to remote areas, and grow businesses and prosperity.
At Ericsson, we give our employees the freedom to think big and navigate their career, on a global scale. We create technology that helps others, from helping people enjoy their favorite content to helping people recover from natural disasters by enabling better communications between rescue workers. Your ideas and innovations can turn into achievements that impact society and change the world, creating new connections, new possibilities, and new capabilities. We find that Ericsson is at its best when we bring together the diverse skills of our people. Working across business areas, across cultures, across geographical borders, across technical disciplines. More often than not, across ground-breaking solutions. Next generation technology can be staggeringly complex. But the simpler it is to use; the more people benefit from it. Join us and help build technology that makes it simple to connect with information, business, societies, and each other.
The BDGS Security Centre is now recruiting for a Penetration Tester to be part of our Red Team, in the R&D team in Massy, France. The role will be based in Massey. This role will be responsible for undertaking various activities to assess the security of Ericsson's Digital Services portfolio, including White/Black box testing, penetration tests, perform security audits and analyses security reports. A key responsibility of this role will be the ability to use the output of various activities as an input towards the development and service delivery units. In addition, the successful candidate will be responsible for suggesting improvements to our products, product development processes and best practices.
You will need good skills and the ability to convey key messages different levels of the organization. We also think you are a strong result-oriented person with motivation and drive. You should be comfortable working both on individual tasks, but also as part of a team, depending on the different needs of the Security Centre.
- Security testing techniques, including penetration testing, code reviews, fuzzing and static/dynamic analysis
- Assessing the security posture, from both a technical and human perspective, of BDGS's portfolio
- Proposing improvements to Ericsson's Products and Processes
- Collaborating with units across Ericsson, including Product Security Incident Response Team, IT Security and Group Security on different activities
- Management of third-party testing companies as required
- Verification and validation of reports from PDUs, Customers and Regulators
- 3 years of experience working with security audits and penetration testing.
- Deep technical understanding of vulnerabilities and technology in security risks and vulnerabilities.
- Programming and scripting knowledge and experience.
- Ability to detail and explain vulnerabilities and exploits that are discovered during test, through written reports or presentations to varying audiences.
- Experience with Windows and *nix platforms, along with virtualization and containers.
- Knowledge of different frameworks, including OWASP, SANS, MITRE etc.
- Highly skilled in industry security best practices, processes and requirements.
- Deep technical competence in relevant tools and trades. Ability to read security reports and analyze results.
- Fluent in English, French is a plus
- Certifications in OSCE/OSCP/CEH are a benefit, equivalent experience is also considered.
- Participation in CTF’s would be an advantage.
Please submit your CV in English
Do you believe that an organization fostering an environment of cooperation and collaboration to execute with speed creates better business value? Do you value a culture of humanness, where fact based decisions are important and our people are encouraged to speak up? Do you believe that diverse, inclusive teams drive performance and innovation? At Ericsson, we do.
We provide equal employment opportunities without regard to race, color, gender, sexual orientation, transgender status, gender identity and/or expression, marital status, pregnancy, parental status, religion, political opinion, nationality, ethnic background, social origin, social status, indigenous status, disability, age, union membership or employee representation and any other characteristic protected by local law or Ericsson’s Code of Business Ethics.
Hiring Manager: Brian O'Toole
Recruiter Name: Larissa Salame
Job details: Job Stage 06