Duty Station: Kampala, Uganda
Ericsson
is a world-leading provider of telecommunications equipment & services to
mobile & fixed network operators. Over 1,000 networks in more than 180
countries use Ericsson equipment, & more than 40 percent of the world’s
mobile traffic passes through Ericsson networks. Using innovation to empower
people, business & society, we are working towards the Networked Society,
in which everything that can benefit from a connection will have one. At
Ericsson, we apply our innovation to market-based solutions that empower people
& society to help shape a more sustainable world.
Job Summary: The Information Security Architect for Ericsson
Mobile Financial Services will ensure
the information security of our Wallet Platform deliveries towards our
customers within Ericsson MS (Managed Services), ADM (Application Development
Management), CS (Customer Support) and CSI (Consulting and Solution
Integration) and compliance against contractual obligations. The incumbent will
also have secondary responsibility is to act as a coach to all staff involved
and manage the security relationship with the customer and third parties. The other
responsibilities will include ensuring adherence to security SLAs and mandatory
compliance levels against customer and Ericsson security policies, security
standards and benchmarks such as PCI DSS, ISO27001, ISO22301, Center for
Internet Security benchmarks, OWASP, etc. He /she will lso ensure compliance
obligations against regulation on financial services, information security,
data protection and related areas are met.
Qualifications, Skills and Experience:
- The applicant should have a minimum of five years’
experience as an information security architect, information security
consultant or in an information security line function - Multiple certifications and related work
experience is preferred. - Five or more years’ experience with working
as a solution architect - Previous exposure and experience in implementing
and auditing security certifications such as PCI DSS, ISO27001 and
ISO22301 is preferred - Demonstrated ability with taking risk based
security decisions, and weighing the interest of multiple stakeholder and
risk profiles against each other - Proven ability to take in a large volume of
information, such as polices, and determine their impact in a particular
situation, e.g. whether a change request is compliant - Proven consultancy skills
- Previous exposure and experience with
information security in mobile financial services and/or financial services
is preferred - Understand that compliance is not necessarily
the same as security and know how to reason, argument and deliver secure
and user friendly solutions which also are compliant. - Excellent skills in interacting with staff at
all levels in a professional way - Fluent in spoken and written English
The
applicant must hold at least one of the following (active) certifications;
- ISC2 – Certified Information Systems Security
Professional (CISSP) - ISACA – Certified Information Security
Manager (CISM) - ISACA – Certified Information Systems Auditor
(CISA) - ISACA – Certified in Risk and Information
Systems Control(CRISC) - ASIS International – Professional Certified
Investigator (PCI) - ASIS International – Certified Protection
Professional (CPP) - BSI or IRCA – ISO27001 lead implementer or
lead auditor - BSI or IRCA – ISO22301 lead implementer or
lead auditor - BCI – Certificate of the Business Continuity
Institute (CBCI)
The
applicant must hold at least one of the following (active) certifications;
- PCI SSC – PCI DSS or PCI PA DSS QSA
- ACFE – Certified Fraud Examiner (CFE)
- EC-Council – Computer Hacking Forensic
Investigator (CHFI) - EC-Council – Certified Ethical Hacker (CEH)
- IACIS – Certified Forensic Computer Examiner
(CFCE) - ISC2 – Systems Security Certified
Practitioner (SSCP) - ISC2 – Certified Cyber Forensics Professional
(CCFP) - ISCPP – Internation Crime Prevention
Specialist (ICPS) - ISFCE – Certified Computer Examiner (CCE)
- Offensive Security – Offensive Security
Certified Professional (OSCP) - Red Hat – Certificate of Expertise in Server
Hardening - Red Hat – Red Hat Certified Engineer (RHCE)
- Red Hat – Certified System Administrator
(RHSA)
- Software security
- Linux and infrastructure security operational
security, investigations and forensics - ITIL process and managed services
organization security policies, standards, benchmarks, and their
compliance as well as managing organizational change. - Ability to lead the team and be the central
point of contact for the customer and their C-level managers.
If
you believe you are one of the ideal candidates for this opportunity in working
with the world’s leading provider of telecommunications equipment &
services, Ericsson, then visit the web link below for full job details and
Apply Online.
0 comments:
Post a Comment