• Note that the application deadline for this ad may have passed. Read the ad carefully before proceeding with your application.

As the tech firm that created the mobile world, and with more than 54,000 patents to our name, we’ve made it our business to make a mark. When joining our team at Ericsson you are empowered to learn, lead and perform at your best, shaping the future of technology. This is a place where you're welcomed as your own perfectly unique self, and celebrated for the skills, talent, and perspective you bring to the team. Are you in?

Come, and be where it begins.

Our Exciting Opportunity

We are looking for a Cyber Defense Senior Incident Responder, with a network forensics profile, within the Cyber Defense Center (CDC) in Group Security.

The Cyber Defense Center defends Ericsson from cyber attacks originating from external threat actors. It ensures we are one step ahead of adversaries, identify their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson. Its focus is on sophisticated antagonistic threat actors who can do the most harm to Ericsson as a company. In order to achieve this the cyber defense center consists of four teams: threat intelligence, the red team, a process and governance team, and cyber operations.

The Cyber Operations team contains three core functions:

  • Security Operations Center (SOC), which is responsible for 24/7 cyber monitoring, triage, classification and prioritization, and investigation. This is executed via a tier 1-3 model.
  • Ericsson Computer Emergency Response Team (EriCERT), which is responsible for cyber incident response and can be seen as tier 4.
  • Cyber Defense IT Operations, which is responsible for operating tooling required by the whole Cyber Defense Center.

We are extending this team with an additional Cyber Defense Senior Incident Responder, with a network forensics profile, to strengthen our ability to deliver on our promises. Keep vigilant and continuously prepare to defend Ericsson from attacks.

You will

  • Respond to IT Security related threats within our corporate environments, which includes both On-prem as well as cloud-based environments (respond, contain, remediate/eradicate) > reporting
  • Identify and execute on projects that improve our detection capabilities, a.k.a. Detection Engineering
  • Refine incident response procedures. Improve existing and build new investigation & remediation workflows – automation
  • We handle active security events and cutting-edge threats from a variety of sources; you will be part of a 24/7 on-call rotation
  • Utilize internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
  • Stay up-to-date on current and emerging threats, vulnerabilities, and attack vectors, tracking APT and sophisticated intrusion campaigns

To be successful in the role you must have

  • Education: Higher degree, preferably IT Security, or relevant knowledge acquired elsewhere
  • Total 3-5 years of experience of Network Monitoring, IT Forensics, Incident Response, IT Security, and risk management
  • Advanced Network forensics (setup, understanding technologies, protocols, parsing of network data) knowledge
  • Deep knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services (i.e. Active Directory)
  • Proficient level of Windows, Linux, and/or macOS operating system internals, architecture, features, protections, and design
  • High expertise in Host forensics (including timelining, collection of evidence, exploration of new artifacts, understanding the concept of triaging) of Mac, Linux and Windows
  • Malware analysis, understanding the basics and be able to pull useful artifacts from malware samples
  • Programming/scripting knowledge, preferably Python and Golang, PowerShell or similar
  • Good administration and troubleshooting skills (problem-solving mindset)
  • Exposure to Threat Intelligence and ways to operationalize the same
  • Understanding of attack vectors and tools as well as the practices for securing systems and networks
  • Excellent technical and communication skills
  • Ability to work at odd hours and under pressure
  • Preferably understanding and exposure to cloud based delivery environments (Azure, AWS, GCP)

What's in it for you?

Here at Ericsson, our culture is built on over a century of courageous decisions. With us, you will no longer be dreaming of what the future holds – you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way to move your career in any direction you want; with hundreds of career opportunities in locations all over the world, in a place where co-creation and collaboration are embedded into the walls. You will find yourself in a speak-up environment where empathy and humanness serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global company where your opportunity to make an impact is endless.

What happens once you apply?

To prepare yourself for next steps, please explore here: https://www.ericsson.com/en/careers/job-opportunities/hiring-process

Come join our #TeamEricsson. Feel free to apply and include resume in English, outlining how you meet the specific requirements of the position.

The selection and interview process are ongoing. Therefore, send in your application in English as soon as possible. We encourage you to apply!

If you have any further questions, you are welcome to contact us:

Hiring Manager: Head of Cyber Ops

Recruiter: Justyna Gnatowska

Location: Sweden/Baltic countries

Kindly note that we do not accept applications sent via e-mail.

Do you believe that an organization fostering an environment of cooperation and collaboration to execute with speed creates better business value? Do you value a culture of humanness, where fact based decisions are important and our people are encouraged to speak up? Do you believe that diverse, inclusive teams drive performance and innovation? At Ericsson, we do.

Primary country and city: Sweden (SE), Stockholm

Req ID: 582162

This is a job ad titled "Security Specialist" at the company Ericsson AB, published on webbjobb.io on 23 September 2021 at 10:52.
