About this opportunity:
We are looking for a Security Specialist profile within the Cyber Defense Center (CDC) in Group Security. The Cyber Defense Center defends Ericsson from cyberattacks originating from external threat actors. It ensures we are one step ahead of adversaries, identify their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson. Its focus is on sophisticated antagonistic threat actors who can do the most harm to Ericsson as a company. In order to achieve this the cyber defense center consists of four teams: threat intelligence, the red team, a process and governance team, and cyber operations.
What you will do:
• 24x7 Security monitoring and incident handling across a complex network.
• End-to-End triage & investigation of all the threat detections originating from technology.
• Participate in incident response.
• Support use case development of detection analytics.
• Conduct research into new threats, identifying new IOC/TTPs.
• Work in shifts with efficient and accurate handover procedures.
• Identify improvements in automation and investigation procedures.
• Work with the Red team to identify gaps or weaknesses in security coverage.
• Create threat hunting use cases through security research and threat intelligence.
• Adhere to SLAs for security investigations.
The skills you bring:
• A minimum of 7 to 12 years of experience working within a Security Operations Center /Managed Security Services environment.
• Organization and project management skills, Good documentation skills, Positive can-do attitude.
• Ability to work at odd hours and work constructively under pressure.
• Worked across different cultures in a global setting and with many stakeholders.
• Impeccable integrity and track record of working with sensitive information.
Technical Competences
• The Incident Response Process
• Core networking skills
• Live Windows, Linux and Memory Forensics
• Active Directory Analysis
• Network Threat Hunting
• Basics of Vulnerability Management
• Demonstrable experience with Incidence Response in leading public Clouds – Azure, AWS, GCP
• Experience with Microsoft Azure Cloud - Azure Sentinel, Microsoft security stack, MS Graph API, Entra ID
• Amazon Web Services (AWS) security tools such as Security Hub, AWS Guard Duty, AWS Macie, AWS CloudTrail
• Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre
• Able to triage & investigate email threats using platforms like Microsoft EOP, Trellix, Proofpoint
• Working knowledge of `Security products like Endpoint Detection Response (EDR), Identity Threat Detection (ITDR) & Response, Network Detection & Response (NDR) from leading vendors like Trellix, CrowdStrike, MS Defender for Endpoint, Vectra
• Experience in IT Security and risk management.
• Security related certification like SANS GCIH, GCIA, GMON, GREM, CEH, CISSP, CHFI and Incident Response certification is an added advantage.
Why join Ericsson?
At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.
What happens once you apply?
Click Here to find all you need to know about what our typical hiring process looks like.
Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more.
Primary country and city: India (IN) || Bangalore
Req ID: 756527