Senior Information Security Engineer

As the technology firm that created the mobile world and a rich history of 145 years of building ground-breaking solutions and innovative technologies supported by 60,000+ patents, Ericsson has made it our business to make a mark. When joining our team at Ericsson you are empowered to learn, lead and perform at your best, shaping the future of technology. This is a place where you are welcomed as your own perfectly unique self, and celebrated for the skills, talent, and perspective you bring to the team.

Ericsson Enterprise Wireless Solutions (BEWS) is the group responsible for leading Ericsson’s Enterprise Networking and Security business. Our growing product portfolio spans across wide area networks, local area networks and enterprise security. We are the #1 global market leader in Wireless-WAN based enterprise connectivity solutions and are growing fast in enterprise Private 5G networks and Secure Access Services Edge (SASE) solutions.

How Will You Contribute to the Company?

Ericsson Enterprise Wireless Solutions is currently seeking a Senior Information Security Engineer to join a dynamic, multi-national Company with a key role in the Global Information Security Team. 

As a Senior Information Security Engineer, you will apply critical cyber security expertise to initiatives across all Ericsson Enterprise Wireless Solutions lines of business. As part of the Enterprise Security team, you will employ your expertise to a variety of projects and challenges. In this role, you will have the opportunity to contribute to program operations and proposal solution development as well as contributing to the defensive posture of the Company itself. This role will require a broad technical background in cyber security technology, public cloud security technologies, and a proven ability to apply that knowledge to cyber defense solutions. This position will directly report to our Manager, Security Engineering. 

What Will You Do?

• Instrument security policies and capabilities. Implement and maintain security tools as directed to support organizational cybersecurity initiatives. Secure design, architecture, and implementation

• Utilize expertise in cyber security architecture, engineering, and defensive operations in support of programs, proposals, and corporate objectives

• Facilitate architecture and technology reviews of major programs and drive alignment across the various architectural domains (e.g. Business, Information, Technology, and Security)

• Understand, advocate and support the enterprise's IT security strategy along with assisting in the development and implementation/realization of the various IT security roadmaps 

• Analyze the current IT security environment to detect critical deficiencies and recommend solutions for improvement through the development of cyber capability reference architectures and knowledge of current threat landscape

• Work with technology and business stakeholders to realize the implementation of key future state initiatives

• Proactively identify information security deficiencies or opportunities for improvement to better enable business security

• Participate in stakeholder engagement sessions to capture business and IT requirements in order to evaluate cyber solutions and assist with Proof of Concepts and/or deployments of technology across the enterprise

• Participate in the planning or modification of cyber defense architectures and cyber engineering plans for programs and proposals

• Participate in the recovery of programs suffering from cyber security deficiencies requiring technical, management and policy/governance expertise

• Support the design and implementation of technical security controls and process that supports the organization's objectives

• Evaluate network and security technologies, identify security gaps, evaluate and implement enhancements and provide mentorship for less experienced team members

• Provide regular, timely reporting on the information security topics as required 

• Plan cyber security solutions delivery and provide mentorship for less experienced team members. Effectively communicate using written, oral, non-verbal, and active listening skills 

Accountability:

• Accountable to Manager, Security Engineering for the efficient and effective execution of position responsibilities

• Accountable to Manager, Security Engineering to meet all performance objectives 

• Accountable to peer employees to ensure professionalism throughout all communication and timely completion of job tasks

Qualifications

Minimum Qualifications:

• Five (5+) years of experience relevant to Cyber Security

• Proven experience in taking security requirements and engineering them into security solutions with a focus on minimizing user impact

• Experience with Cybersecurity Engineering and Operations, identity and access management, privileged access management, password vault solutions, single sign-on, multi-factor authentication, SAML/Oauth, and operating systems (Linux/macOS/Windows)

• Experience with cloud-based Identity and Directory services and Conditional Access Policies (Microsoft Entra, AWS IAM, Azure Policy)

• Experience securing infrastructure and services in public cloud and hybrid cloud environments

• Ability to create and document proofs of concepts which demonstrate security value, particularly within Azure

• Ability to develop reference security architecture including cloud and conduct security architecture reviews of the entire stack, including those built on cloud and emerging technologies 

• Creating remediation plans to mitigate risk after completion of security reviews.

• Experience with infrastructure as code and security tool automation across public and hybrid cloud environments

• Working knowledge of security products in both on-prem, cloud and SaaS models, including GRC platforms, SIEMs, Firewalls, Security Applications, Vulnerability Detection, Network Devices, End Point Protection, Access Control and Identity Management

• Knowledge of IT Security regulations and guidance such as the RMF, NIST 800-53, NIST 800-53A, NIST 800-37, MITRE ATT&CK, ISO27001, SOX, GDPR, and SOC

• Strong writing and presentation skills

• Ability to travel up to 25% of the time

Bonus Points:

• Cloud Identity experience in support of AWS and MS Azure cloud hosting environments

• Experience with security automation tools and/or proficiency with languages (python, GoLang)

• Security Certifications (SANS GIAC, BlackHills AntiSyphon, Infosec Institute, Comptia+, Microsoft, Amazon, etc.)

Why Ericsson Enterprise Wireless Solutions?

At Ericsson Enterprise Wireless Solutions, we are one team - all in on inclusion. Celebrating the uniqueness of our individual team members across the globe helps us build diverse teams where we all can thrive. Our connected, community-focused culture enables each one of us to perform at our best and fully be ourselves. 

Our values drive everything we do: 

• Respect: we don't point a finger; we lend a hand.
• Integrity: we do the right thing, even when it is hard; we make fact-based decisions.
• Perseverance: we accept and embrace change; we have a passion to win!
• Professionalism: we hold each other accountable.

We are creating the future of global connectivity and community. Come join us. You belong here. 

Compensation & Benefits at Ericsson Enterprise Wireless Solutions

Your pay also includes the opportunity for an annual bonus. This variable pay opportunity is dependent upon the attainment of agreed to goals and objectives as determined by our Senior Leadership team. Certain eligibility and pro-ration rules apply.

Note: this date may be updated based on any extensions to the job posting.