Ericsson is a world-leading provider of telecommunications equipment & services to mobile & fixed network operators. Over 1,000 networks in more than 180 countries use Ericsson equipment, & more than 40 percent of the world’s mobile traffic passes through Ericsson networks. Using innovation to empower people, business & society, we are working towards the Networked Society, in which everything that can benefit from a connection will have one. At Ericsson, we apply our innovation to market-based solutions that empower people & society to help shape a more sustainable world.
We are recruiting to fill the position below:
Job Title: Information Security Architect – Ericsson Wallet Platform
Req ID: 241313
- The Ericsson Wallet Platform (EWP) is a product which enables our customers to provide mobile financial services. Customers are operators and banks, both of whom have very high expectations on the level of security which this financial solution provides and the manner in which the solution is operated, integrated and customized.
The following qualifications apply:
- At least 5 years experience as an information security architect, consultant or line function
- Proven consultancy skills
- CISSP or similar certification
- Experience with information security in mobile financial services and/or financial services is preferred
- Experience with implementing security certifications such as PCI DSS and ISO27001 is preferred
- At least 5 years experience with working as a solution architect
- Proven experience with security compliance
- Proven ability with taking risk based security decisions, and weighing the interest of multiple stakeholder and risk profiles against each other
- Proven ability to take in a large volume of information, such as polices, and determine their impact in a particular situation, e.g. whether a change request is compliant
- High level of integrity
- You understand the compliance is not necessarily the same as security and know how to reason, argument and deliver secure and user friendly solutions which also are compliant.
- Excellent skills in interacting with staff at all levels in a professional way
- Fluent in spoken and written English
- Highly analytical and structured mindset
- Proven ability to multitask and handle multiple complex tasks simultaneously under time pressure; ability to prioritize
- Excellent communication skills, easy to talk to, outgoing
- Self going
- Sensitive to political aspects of vendor-customer relationships
- Ability to achieve short term results while aiming for long term goals
- You report to the M-Commerce security manager for everything related to your day to day work.
- You report to your line manager for everything which is outside of the above.
Work location and team
You work for one customer with subsidiaries in multiple countries in Africa and the Middle East. Your base is Nigeria, You like to travel and work in very diverse environments.
- Contracts with customers include security SLAs and mandatory compliance levels against customer and Ericsson security policies, security standards and benchmarks such as PCI DSS, ISO27001, Center for Internet Security benchmarks, OWASP, etc. They also include compliance obligations against regulation on financial services, information security, data protection and related areas.
- Your primary responsibility is to ensure the security of our Wallet Platform deliveries within MS (Managed Services), ADM (Application development management) and CSI (consulting and solution integration) and compliance against contractual obligations.
- Your secondary responsibility is to act as a coach to all staff involved and manage the security relationship with the customer and third parties.
You achieve these through the following activities:
- Analyse policies, standards, benchmarks and other documentation, as well as compliance tool reports and ensure the EWP product and solution are configured in a compliant manner. Also ensure that solution additions or changes are specified, designed, tested and implemented in a compliant manner. This involves document research, workshops, gap analyses, configuration and WoW specifications, etc.
- You work very closely with the security teams in the Ericsson M-Commerce and in coordination with them execute projects to increase compliance, improve security, simplify and reduce cost.
- Ensure security quality assurance by reviewing deliverables from CSI and ADM teams such as solution description documents, requirements lists, custom software solutions and system configuration, etc. and provide approval for these. Provide guidance on how such deliverables need to be changed in order to be more secure and compliant.
- Answer questions on security by customers, CSI and ADM team members and others and actively engage them to increase security awareness and understanding of how to achieve compliance. Ensure both customer and Ericsson risks are well managed and escalations avoided. Identify gaps and define appropriate solutions for them. Provide best practice and compliant solutions which are simple, elegant, effective, cost conscious and secure. Assist the CSI and ADM team members in configuring security features and securely configuring non-security features. Actively avoid a silo-ization of security, since secure behaviour and security knowledge should exist in all team members.