• Note that the application deadline for this ad may have passed. Read the ad carefully before proceeding with your application.

Job Summary
We are looking to strengthen our Incident Detection and Response team. You will be part of an advanced detection and response team that covers all of Ericsson's ICT environments, on-prem as well as cloud-based.
 
What You’ll Do
- Respond to IT Security related threats within our corporate environments, which include both on-prem and cloud-based environments (respond, contain, remediate/eradicate), followed by reporting
- Identify and execute on projects that improve our detection capabilities, a.k.a. Detection Engineering
- Refine incident response procedures. Improve existing and create new investigation and remediation workflows (automation)
- We handle active security events and cutting-edge threats from a variety of sources; you will be part of a 24/7 on-call rotation
- Utilize internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
- Stay up to date on current and emerging threats, vulnerabilities, and attack vectors, tracking APT and sophisticated intrusion campaigns
  
Technical Qualifications:
- Basic knowledge of network forensics (setup, understanding technologies, protocols, parsing of network data)
- Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and directory services (i.e. Active Directory)
- Advanced knowledge of Windows, Linux, and macOS operating system internals, architecture, features, protections, and design
- Advanced knowledge of host forensics (including timelining, collection of evidence, exploration of new artifacts, understanding the concept of triaging) on Mac, Linux and Windows
- Malware analysis: understanding the basics and being able to pull useful artifacts from malware samples
- Knowledge and experience of tools used in the areas described above
- Programming/scripting knowledge, preferably Python and Golang, PowerShell or similar
- Experience in IT Security and risk management
- Good administration and troubleshooting skills (problem-solving mindset)
- Exposure to Threat Intelligence and ways to operationalize it
- Excellent technical documentation skills
- Understanding of attack vectors and tools as well as the best practices for securing systems and networks
- Preferably understanding of and exposure to cloud-based delivery environments (Azure, AWS, GCP)
  
Key Qualifications:
- Education: Bachelor's degree, preferably aimed at IT Security, or relevant knowledge acquired elsewhere
- 3-5 years of total experience in Network Monitoring, IT Forensics, Incident Response
- Ability to work at odd hours
- Interest in Technology and Communication
- Good documentation skills
- The ability to work constructively under pressure
- Flexibility and ability to work both in a team and individually
- Excellent communication skills
  
Additional Requirements:
- Communication and people skills, as the role involves extensive interaction with internal partners
- Analytical skills
- Knowledge of regulatory requirements (e.g. SOX) and information security or IT security standards (i.e. ISO 27000)
- Knowledge of cloud computing platforms (Azure, AWS, GCP, ...) is considered HIGHLY interesting
- Exposure to and work with the MITRE ATT&CK Framework
 
Location: Kista, Stockholm
 
Please send in your application in English as soon as possible since the process is ongoing.
Please note that due to GDPR we cannot accept applications sent to us via e-mail. We will do a background check on the candidate who will proceed to the final step.
 
Why is Ericsson a good place to work?
Ericsson enables communications service providers to capture the full value of connectivity. The company’s portfolio spans Networks, Digital Services, Managed Services, and Emerging Business and is designed to help our customers go digital, increase efficiency, find new revenue streams, and create new user experiences. Ericsson’s investments in innovation have delivered the benefits of telephony and mobile broadband to billions of people around the world ensuring our solutions – and our customers – are at the forefront of innovation. We support networks that connect more than 2.5 billion subscribers. With close to 100,000 employees and customers in 180 countries, we combine global scale with technology and service leadership. 40 percent of the world’s mobile traffic is carried over an Ericsson network. And, our Technology for Good and Connect to Learn programs include creating technology that makes it easier to save lives, feed societies, bring technology to emerging markets and connectivity to remote areas, and grow businesses and prosperity.

At Ericsson, we give our employees the freedom to think big and navigate their career, on a global scale. We create technology that helps others, from helping people enjoy their favorite content to helping people recover from natural disasters by enabling better communications between rescue workers. Your ideas and innovations can turn into achievements that impact society and change the world, creating new connections, new possibilities, and new capabilities. We find that Ericsson is at its best when we bring together the diverse skills of our people. Working across business areas, across cultures, across geographical borders, across technical disciplines. Often, across ground-breaking solutions. Next generation technology can be staggeringly complex. But the simpler it is to use, the more people benefit from it. Join us and help build technology that makes it simple to connect with information, business, societies, and each other.

This is a job ad titled "Incident Detection & Response Engineer Job Summary (307020)" at the company Ericsson AB, published on webbjobb.io on 15 January 2020 at 00:00.
