Arbetsbeskrivning

Ericsson AB Grow with us About this opportunity Ericsson PSIRT is the single point of contact for security matters across all Ericsson products. We are an essential coordination point between internal functions; from the customer units and global support organizations, through into product development and frameworks, and with external entities including; customers, security communities, vulnerability finders and much more. Our central role also covers product security situational awareness for the Ericsson portfolio, which is used in our Threat Landscape and other Threat Intelligence deliverables. We bring our individual security expertise to facilitate security contexts in our daily engagements and champion world-class security through our coordination of cases and initiatives. We seek an experienced security professional to join our skilled team spanning Finland, Sweden and Germany. Who you are Our ideal candidate has experience coordinating incidents and vulnerabilities in a product context with proven application of skills within a Product Security team; ideally a PSIRT. Has extensive background in a product development, deployment or operations team and extensive expertise in one or more of the following domains: vulnerability management, security incident response and/or security incident management. Additionally, a background in mobile network operations or architecture would be highly valued. What you will do · Vulnerability & Incident Coordination: Investigate, support, and/or lead product security-related vulnerability coordination and incident response support alongside Customer Security Directors, Customers / Customer Units, Enterprise Security, and other stakeholders. · Vulnerability Management Operations & Development: Routine vulnerability monitoring, alerting, and verification operations, alongside improvements to quality and automation. · Advisory Role: Act as PSIRT’s representative, advising other Ericsson organizations on product security issues. · Process Improvement: Contribute to and enhance existing end-to-end product security processes, such as Vulnerability Management, from development to customer engagement. · External Representation: Represent Ericsson in external forums and communities such as FIRST, ETIS, GSMA, etc., demonstrating our security leadership by contributing our knowledge, expertise and experiences. Join our Team The skills you bring · Strong ability to investigate and assess own-code and 3rd party vulnerabilities, with communications (CVE, CWE, CVSS). · Solid incident response and incident management background, applying industry best practices under pressure alongside diverse stakeholders. · Good familiarity with product development and/or product management practices with adequate technical knowledge/experience · Ability to communicate with a global and diverse set of stakeholders in high-stress situations. · Team player, innovative, high-collaborative, problem solver, and service-minded personality. · Flexibility & willingness to work across multiple time zones in virtual teams and occasionally support ongoing coordination outside of normal working hours. Highly regarded skills, education, certificates and community participation: · Experience in a PSIRT is highly regarded! · Strong scripting skills and ability to troubleshoot existing code/scripts in Bash and Python. · Digital Forensics and Incident Response in Linux environments, ideally in mobile networks. · Coding capability with a strong focus on automation. · Security certifications such as CompTIA Security+, OSCP, CISM, or CISSP. · Active involvement and contribution to the global security community (e.g., FIRST, TI/TF-CSIRT). · Minimum of a bachelor’s degree in computer science, cybersecurity, information security, telecommunications, or a related technical area, or equivalent practical experience. To be considered for this opportunity please include a cover letter to your application addressing the key criteria in the above job advertisement to demonstrate your suitability and interest in this position. Note: Approved security clearance/security vetting is required for the position and will be carried out for the selected applicant. (Finland Security Clearance Act 726/2014) Locations/Point of hire: Stockholm, Helsinki or Düsseldorf