Job Opportunity at Ericsson

Information security architect for Ericsson Mobile Financial Services

Responsibilities

The Ericsson Wallet Platform (EWP) is a product which enables our customers to provide mobile financial services/mobile money. Customers are operators and banks, both of whom have very high expectations on the level of security which this financial solution provides and the manner in which the solution is operated, integrated and customized. 

As part of the delivery for our customers we are looking for an information security architect in Nigeria. 

• Your primary responsibility is to ensure the information security of our Wallet Platform deliveries towards our customers within Ericsson MS (Managed Services), ADM (Application Development Management), CS (Customer Support) and CSI (Consulting and Solution Integration) and compliance against contractual obligations.

• Your secondary responsibility is to act as a coach to all staff involved and manage the security relationship with the customer and third parties.

• Your other responsibilities include ensuring adherence to security SLAs and mandatory compliance levels against customer and Ericsson security policies, security standards and benchmarks such as PCI DSS, ISO27001, ISO22301, Center for Internet Security benchmarks, OWASP, etc. You also ensure compliance obligations against regulation on financial services, information security, data protection and related areas are met. 

Qualifications

• At least 5 years experience as an information security architect, information security consultant or in an information security line function

• At least 5 years experience with working as a solution architect

• Experience with implementing and auditing security certifications such as PCI DSS, ISO27001 and ISO22301 is preferred

• Proven ability with taking risk based security decisions, and weighing the interest of multiple stakeholder and risk profiles against each other

• Proven ability to take in a large volume of information, such as polices, and determine their impact in a particular situation, e.g. whether a change request is compliant

• Proven consultancy skills

• Experience with information security in mobile financial services and/or financial services is preferred

• Multiple certifications and related work experience is preferred.

• Fluent in spoken and written English 

Certifications

You must have at least one of the following (active) certifications.

• ISC2 – Certified Information Systems Security Professional (CISSP)

• ISACA - Certified Information Security Manager (CISM)

• ISACA - Certified Information Systems Auditor (CISA)

• ISACA - Certified in Risk and Information Systems Control(CRISC)

• ASIS International - Professional Certified Investigator (PCI)

• ASIS International - Certified Protection Professional (CPP)

• BSI or IRCA - ISO27001 lead implementer or lead auditor

• BSI or IRCA - ISO22301 lead implementer or lead auditor

• BCI - Certificate of the Business Continuity Institute (CBCI) 

Having at least one of the following (active) certifications is preferred:

• PCI SSC – PCI DSS or PCI PA DSS QSA

• ACFE - Certified Fraud Examiner (CFE)

• EC-Council - Computer Hacking Forensic Investigator (CHFI)

• EC-Council - Certified Ethical Hacker (CEH)

• IACIS - Certified Forensic Computer Examiner (CFCE)

• ISC2 – Systems Security Certified Practitioner (SSCP)

• ISC2 – Certified Cyber Forensics Professional (CCFP)

• ISCPP - International Crime Prevention Specialist (ICPS)

• ISFCE - Certified Computer Examiner (CCE)

• Offensive Security - Offensive Security Certified Professional (OSCP)

• Red Hat - Certificate of Expertise in Server Hardening

• Red Hat - Red Hat Certified Engineer (RHCE)

• Red Hat - Certified System Administrator (RHSA) 

Work location and team

The successful incumbent will work with a dedicated delivery team to one of Ericsson’s customers from Nigeria..  Your security architect responsibilities cover Nigeria, Ghana, Liberia, Guinea (Conakry), Guinea Bissau, Congo, Cameroon, Ivory Coast and Benin. Enjoy travelling and working in diverse environments.

The team you will be working in is part of the global Ericsson Mobile Financial Services Security community, but dedicated to one customer. You will be part of a team of five information security architects and one regulatory analyst. Each information security architect will have at least one core competence in the areas mentioned below and multiple secondary competences in these areas:

• Software security

• Linux and infrastructure security

• Operational security, investigations and forensics

• ITIL process and managed services organization security

• Policies, standards, benchmarks, and their compliance as well as managing organizational change. Able to lead the team and be the central point of contact for the customer and their C-level managers.