Job Description

Location: Thailand / India / Malaysia / Vietnam / Phillippines / Singapore / Indonesia / Australia / Myanmar
*Not a relocation role
Open for External Reference: Yes

Our Exciting Opportunity :

MOAI has a team of security professionals supporting the business by building the strategic direction for Information Security, IT Security, Privacy, Risk Management, Solution Security and Security Operations domains. The team provides support and guidance to all units in MOAI and other security and non-security functions cross Ericsson.

The MOAI Security Strategy & Risk Manager is overall responsible for maintaining order and uniformity in our Security Risks in line with Group Policies and Directives. Also, the MOAI Security Strategy & Risk Manager is responsible for maintaining a structured and proactive approach for strategy execution and driving the MOAI Security tactical plan.

This role reports to Head of MOAI Security.

Purpose of Job Role :

The MOAI Security Strategy & Risk Manager is responsible in ensuring that we have a robust strategy/tactical plan developed and driven across all security domains. This function is also responsible for maintaining the MOAI security risk register in line with Group Directives. This role should ensure effective governance in MOAI and ensure security risks are handled and synchronized across all units in MOAI as well as with relevant stakeholders in all BAs/MAs/GFs. This role should ensure that risks are analyzed and categorized to make sure ISRA results can be presented to decision makers in a simple and comprehendible way.

Responsibilities

The MOAI Strategy & Risk Specialist reports directly to the Head of Security MOAI and have the following responsibilities across the MA:

• Drive and coordinate strategy and tactical plan development and execution cross all domains in MOAI Security, ensuring targets are achieved.
• Support the Head of Information Security in MOAI with Information Security Risks Assessment (ISRA) process.
• Prepare material for governance meetings, e.g. MOAI Security LT, across all units. Be the point of aggregation in MOAI Security.
• Contribute to internal and external security assessments or audits.
• Ensure severe incidents are followed up on in SMB and other governance meetings and were applicable record decisions taken is such form.
• Drive and consolidate Security Improvement plan based on input from Risks, internal assessments, audits and ISMS maturity.
• Follow up on all Risk Treatment Plans (RTP) and ensure execution.
• Manage MOAI exemptions including risk assessment and life-cycle of the exemptions.
• Quality assurance of risk assessments, e.g. ISRA - Information Security Risk Assessments, Privacy Impact Assessment (PIA), Business Impact Assessment (BIA), etc., and ensure data is aggregated to comprehendible decision material.
• Proactively support in improvements, simplification and automation of security and privacy risk management.
• Support the Head in Information Security in MOAI and ensuring that MOAI have the right level of ISMS implementation to be aligned with the ISO27001 standard.
• Ensure high and very high risks are called out and followed up on in MOAI Security LT and other meetings.

Deliverables

• An annual Dashboard for reporting on the Tactical Plan.
• MOAI Security LT presentation material.
• Continuous tracking of risks and mitigations and security exemptions.
• Aggregated ISRA decision material, Audit material.

Typical Interfaces

Line Manager: Head of MOAI Security, MOAI Security LT and Group Security

Customer Security Directors, MOAI LT

MOAI Strategy, Marketing & Communications

MOAI compliance management, BA/MA/GF Security Risk peers

IT Security Risk function

Qualifications and Experience

• Solid understanding in Ericsson Security Policies, Directives and Instructions & knowledge of Ericsson business environment
• Strong educational and work experience in IT and Information Security with minimum 10 years of hands on experience in these domains
• Knowledge of Information Security related standards and regulation, including ISO/IEC 27001, ISO27005, ISO 31000, SOC
• Security and Risk Management training/certifications or equivalent experience
• Knowledge of internal and external product portfolio related to security

Why Join Ericsson?

At Ericsson, you\xc2\xb4ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what\xc2\xb4s possible. To build never seen before solutions to some of the world\'s toughest problems. You\xc2\xb4ll be challenged, but you won\'t be alone. You\xc2\xb4ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.

What Happens once you apply?

to find all you need to know about what our typical hiring process looks like.

Encouraging a diverse and inclusive organization is core to our values at Ericsson, that\'s why we nurture it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team.

Background Check: All employment offers to join Ericsson are subject to satisfactory completion of our global pre-employment check.

We are proud to announce Ericsson SG has been again officially Great Place to Work Certified\xe2\x84\xa2 in 2022. Every year, more than 10,000 organizations from over 60 countries partner with the Great Place to Work\xc2\xae Institute for assessment, benchmarking and planning actions to strengthen their workplace culture and this Certification acknowledges our employees value their employee experience and our workplace culture

Be where it begins

Welcome to an inclusive, global company where your opportunity to make an impact is endless. Share your most innovative ideas, bring your unique perspective in a speak up environment. With us, you will no longer be dreaming of what the future holds \xe2\x80\x93 you will be redefining it at a company where you\xe2\x80\x99re empowered to lead and perform at your very best.

Being a part of our team means having the flexibility to take your career in many different directions, but it also means leveraging the supportive structure of a big organization, with clear personal and professional development opportunities.

We believe that great accomplishments deserve great benefits and transparent rewards. We strive to offer competitive, unbiased, and fair rewards for all our people. We empower you to manage your own time and promote flexible working opportunities, along with family-friendly policies.

to find out more about our benefits.

Ericsson