Vulnerability Management Lead, PSIRT

Oct 14 - 31

As the tech firm that created the mobile world, and with more than 54,000 patents to our name, we’ve made it our business to make a mark. When joining our team at Ericsson you are empowered to learn, lead and perform at your best, shaping the future of technology. This is a place where you’re welcomed as your own perfectly unique self, and celebrated for the skills, talent, and perspective you bring to the team. Are you in?  Come, and be where it begins.

Our Exciting Opportunity!

A Multi-Geography hire – we are interested in candidates from all locations. Ericsson Product Security Incident Response Team is a global player and single point-of-contact in Security for Ericsson products. Team responsibilities include vulnerability management, security incident investigations, digital forensics, and coordination for the entire Ericsson product portfolio.

Vulnerability Management Lead role in Ericsson PSIRT offers you an outstanding opportunity and a perfect place to excel in security. Leading the team in carrying out and improving vulnerability management. Working closely with the Head of PSIRT. Collaborating with all relevant internal organisations from product development to customer support and even customer security teams. Contribute to international security community incl. FIRST, TI/TF-CSIRT, etc.

Responsibilities to include:

  • Be the domain specialist with regards to the best vulnerability management and communication practices relevant for product portfolio.
  • Be responsible for managing vulnerability management execution and a subset of other operations within PSIRT along with Head of PSIRT and Incident Response Lead.
  • Be responsible for organising and carrying out internal and external vulnerability disclosures and coordination.
  • Lead the execution and improvement of the customer support request handling in PSIRT for product vulnerability related issues.
  • Contribute to improve the tooling and process initiatives for future Ericsson portfolio vulnerability management needs.
  • Collaborate and communicate at all levels with Ericsson’s diverse & global stakeholders ranging from technical contacts to higher management and customer security teams.

To be successful in the role:

  • Minimum of bachelor’s degree in computer science, cyber security, information security, telecommunications or equivalent practical experience.
  • Experience in IT, Telecom or Cyber/Product Security. Knowledge and experience with vulnerability management, coordination and secure product development.
  • Extensive knowledge of concepts and frameworks related to global vulnerability landscape. Willingness and skill to lead the execution of vulnerability management for Ericsson portfolio to new dimensions.
  • Self-starter and project manage to always deliver on time. Solid balance of strategic vision and ability to get things done.
  • Innovative, problem solving and service oriented mentality. Excellent presentation and communication skills in English.
  • Handling high-stress situations; deal with personnel from all organisational levels, external customers and other authorities in crisis situations.

You might also have:

Understanding of information security standards and secure software development. Security certifications: CompTIA Security +, OSCP (Offensive Security Certified Professional), Certified Information Security Manager (CISM) or Certified Information System Security Professional (CISSP). Approved security clearance is required for the position and will be carried out for the selected applicant.

What’s in it for you

Here at Ericsson, our culture is built on over a century of courageous decisions. With us, you will no longer be dreaming of what the future holds – you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way to move your career in any direction you want; with hundreds of career opportunities in locations all over the world, for an organisation where co-creation and collaboration are embedded into the walls. You will find yourself in a speak-up environment where empathy and humanness serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global company where your opportunity to make an impact is endless!

What happens once you apply

To prepare yourself for next steps, please explore here: https://www.ericsson.com/en/careers/job-opportunities/hiring-process

Do you believe that an organization fostering an environment of cooperation and collaboration to execute with speed creates better business value? Do you value a culture of humanness, where fact based decisions are important and our people are encouraged to speak up? Do you believe that diverse, inclusive teams drive performance and innovation? At Ericsson, we do. We provide equal employment opportunities without regard to race, color, gender, sexual orientation, transgender status, gender identity and/or expression, marital status, pregnancy, parental status, religion, political opinion, nationality, ethnic background, social origin, social status, Indigenous status, disability, age, union membership or employee representation and any other characteristic protected by local law or Ericsson’s Code of Business Ethics.

Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.

Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.

Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.