MMEA IT Security Specialist at Ericsson

About this opportunity:

• We're currently looking for a talented IT Security Specialist to join our team here at Ericsson. As an acknowledged authority within the enterprise security domain, we'll be turning to you for crucial contributions not only to daily operations and incident response, but also for project management and strategic decision-making.
• You'll play an important role in influencing our security protocols, supporting your colleagues with your expertise, and ensuring we continue to follow best practices.
• This JS7 role welcomes the knowledge of an experienced professional with the ability to analyze complex challenges, propose effective solutions, and drive improvements in processes and frameworks.

What you will do:

• Ensure compliance with IT security policies and procedures.
• Maintain asset registration and management to ensure all IT assets are properly tracked and secured.
• Conduct security assessments of IT systems to identify vulnerabilities, associated risks, and recommend the adequate treatment plans.
• Assist in the implementation and maintenance of cloud security best practices to protect cloud-based infrastructure and services.
• Support in the design, implementation, and maintenance of IT security controls.
• Coordinate vulnerability management activities, including vulnerability scanning and remediation complying with the predefined SLAs.
• Oversee the implementation of security patches to ensure timely remediation of vulnerabilities.
• Coordinate penetration testing efforts and manage the results to improve security posture.
• Manage IT risks in alignment with ISO27001, ISO27005 standards and the NIST cybersecurity framework.
• Ensure alignment with the Information Security Management System (ISMS) requirements and assist in the relevant ISMS audits.
• Ensure the implementation of endpoint security technologies and proper security measures.
• Assist in implementing the technologies and techniques to detect and prevent data leakage.
• Conduct 3rd party information security risk management reviews.
• Support in cybersecurity incidents handling and act as an IT security SME.
• Assist in IT disaster recovery planning activities.
• Assist in data privacy impact assessments covering data protection requirements.
• Work closely with other security team members to ensure appropriate security measures are implemented.

The skills you bring:

• Strong understanding of cybersecurity and data privacy standards, frameworks, and regulations (ISO 27001/2, ISO 27005, NIST, GDPR).
• Strong knowledge of cloud security best practices.
• Strong knowledge of information security technologies and latest market trends.
• Working knowledge with effective risk management principles following ISO27005 standard.
• Excellent analytical and problem-solving skills.
• Excellent leadership, communication, and relationship-building skills.

Qualifications:

• Bachelor’s degree in engineering, Computer Science, Information Security, or a related field.
• 6+ years of experience in a similar IT security management role.
• One or more cybersecurity certifications (e.g., CISSP, CISM, CISA, ISO 27001 Lead Implementor) are preferred.