Our Exciting Opportunity

We are looking for a Lead Security Analyst

The successful candidate should have advanced domain knowledge on information security and act as a point of contact for SOC L1 teams to deliver the security services effectively. This position will also be responsible and supporting for security incident management, including coordinating all cybersecurity related investigations, and incident response in partnership with the respective stakeholders within Ericsson and/or customer organization and/or 3rd Party Providers.

The professional will manage and work alongside a highly skilled, diverse team, making sure that the information assets, that we are responsible to protect, are secured and adhered to customer policy and national security requirements.

You Will

• Assist in the real time (24x7x365) security event monitoring
• Perform quick analysis of attacks and threats based on real time monitoring and follow the predefined process to address the associated risks,
• Assist the Security Technical Authority team (local and remote) to respond to and resolve security incidents effectively,
• Manage security incidents and escalations appropriately,
• Contribute towards continuous process improvements by providing input on the current processes and possible improvement opportunities,
• Ensure vulnerability, compliance scans, monitor results, and distribute reports timely,
• Perform After Actions Reviews and participate in Root Cause Analysis,
• Perform periodic reporting and when applicable, present to management,
• Effectively manage within the activities for Managed Security Services with respect to the SOC L1 Team, securing the operational processes required, delivery of required deliverables according to the Working Level Agreement (WLA) or project specifications, company and industry standards and ways of working, guidelines, and specific KPIs,
• Manage the resources to plan, estimate and carry out the required activities to time, quality targets and in accordance with the company standards, processes, and ways of working, fully understand and ensure that the team adheres to the Ericsson’s delivery methodology, initiating corrective action where appropriate,
• Support the SOC for out-of-hours incidents and issues as needed,
• Ensure that resources are made available to undertake the agreed responsibilities and that they are properly utilized and accounted for,
• Act as an effective member of the Unit’s Extended Managed Services Leadership Team,
• Track all security incidents, SLAs & KPIs, providing appropriate escalation and taking action to resolve deviations and seek continuous improvement,
• Accountable for maintenance of the technical and procedural documentation up to date, complete and stored in such a way to be known and available to all the team members and the management,
• Developing and maintaining a high-performance culture, ensuring appropriate level of competence and motivation within the department, and ensuring timely and high-quality delivery,
• Facilitate job rotation and knowledge sharing, making sure that these actions support the team’s efficiency and development - when necessary, deliver on the job training/coaching for team members whenever it is needed (on spot training/ coaching) or periodical sessions,
• Assist Incident Manager during major & critical incidents,
• Assist in the identification and pursuit of business opportunities that expand the solution capabilities,
• Handle escalations both within the team and from the customer side,
• Develop and report business-relevant metrics to measure the efficiency and effectiveness of the SOC Level 1 deliveries.

The Skills You Bring

Qualifications:
• B. Eng/ B.Tech. in Telecommunication/ Network Security/ Cyber Security/IT

Industry experience:
• 3 - 5 years in Information/Network Security/Cyber Security/IT

Key competencies
• CISSP, CISM and ITIL certifications will be an advantage,
• Very good knowledge and understanding of Managed Services delivery model and its processes, with special focus on Managed Security Services
• Basic domain knowledge on information security, security control frameworks and Information Technology
• Experience with the interpretation of quality indicators to detect weaknesses and implement corrective action,
• Proactive approach to minimize or eliminate the business-critical impacts,
• End user orientation/customer orientation with excellent understanding of service providers/operators’ business requirements - be able to create true client value,
• Basic knowledge of a Security Incident and Event Management System (SIEM), such as McAfee, Splunk, QRadar, Sentinel, etc.
• Basic knowledge of a vulnerability scanning system such as Nessus, Tenable, Tripwire, etc.
• Knowledge of both Linux-based and MS Windows-based systems with technical understanding and aptitude for analytical problem-solving, knowledge of IP networking Non-technical competencies
• Language: Fluent in written and spoken English. Additional language skills are a plus,
• Excellent communication/presentation skills including the ability to translate technical/security issues to business users,
• Results oriented with good skills in leading and motivating people and conscious of responsibility,
• A thorough and methodical approach to work; strong management of Processes
• Highly developed skills in knowledge sharing by actively contributing knowledge, experiences, and skills to create a learning culture. Have ability to develop a training plan and mentoring program,
• Analytical approach to problems and innovative,
• Ability to cope in a fast-changing environment; flexible and responsive to changing work patterns, balance multiple and conflicting demands & work constructively under pressure