Security Master Job in Ericsson

What you will do Accountable to report the security posture of the organization (i.e. Product Development Unit) Security Center by way of monthly recurring scheduled meetings. Accountable to establish a secure development culture. Responsible to continuously improve the development environment so that products and components are secure by design and so that security does not decrease delivery output unnecessarily and uses the utilization of security test automation. Responsible to drive the of security Chapter to enable top down bottom up anchoring and spreading of information between GFTL Security team and the development team(s) through the scheduled recurring meetings. Responsible to select the collaboration tool that suits PDUs WOW that must contain at a minimum the roster and the mailing list of all Security Masters, Principal Security Master, Product Security Advisor and Technology Specialists tied to the chapter. Responsible to delegated Chapter(s) to a Security Principal when the Chapter becomes too large for one Champion to run efficiently (e.g. 20+ persons) or unsuitable time zones (e.g. Security Masters across multiple time zones)! The person to fulfil the Principal role is appointed by the organization s line management in collaboration with the Security Master. Accountable to ensure delegated responsibilities are agreed and detailed between the Champion and the Principal. Support and provide input on security value features. Support and guide the organization on security related inquiries! Responsible to call out security needs/request for support where there is a need to the GFTL Security Center. You will bring Bachelors/master s in computer science, or related disciplines from any of the reputed institutes.First Class, preferably with Distinction. 5+ years of strong experience as Security Master in a Product company and an overall industry experience of about 14+ years. Good knowledge of product security, and especially Ericsson s product security framework (SRM). Solid understanding of security standard and best practices (e.g. ISO/IEC 27001, NIST SP-800 series, NIST Cybersecurity Framework, PCI DSS, OWASP Top 10, 3GPP SECAM & NESAS, S-SDLC, etc.) Solid knowledge of security tools and testing methodologies.Great knowledge of Containerisation and KubernetesExposure to AZUR-AKS or AWS-EKS. Very good Unix/Linux Skills. Good understanding of development practices like architecture design, coding, test and verification.Empowering Skills and Commitment.Good communications and presentation capabilities. Good understanding on standardizing way of working.