Domain Support Specialist

About this opportunity:

Ericsson is looking for a diligent and competent Domain Support Specialist (Security System). This role centers on ensuring that our services and resources are efficiently activated, configured, and tested. If you are eager to work in an interactive environment and dedicated to guaranteeing the availability and performance of services for our customers, this might be the ideal role for you.

What you will do: 
• Incident Management
• Coordinate and conduct event collection, log management, event management, and compliance automation
• Respond to day-to-day security change requests related to security operations
• Conduct security research and intelligence gathering on emerging threats and exploits
• Create new rules based on identified scenarios
• Perform postmortem analysis on logs, traffic flows, and other activities to identify malicious activity
• Security analysis (networking devices and operating systems, endpoint analysis, network attacks)
• Work with the various Technical Authority teams to respond to and resolve security incidents effectively and quickly
• Provide Root Cause Analysis for security incidents, and outages / impairments related to security tools
• Administer authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets
• Tools Integration
• Integration of nodes to security tools (SIEM, VA, IAM, etc.)
• Deploy content (policies, signatures, parsers or rules) for the security infrastructure
• Vendor Communications
• Work with SIEM, IPS/IDS, IAM vendors for application related issues
• Process Improvement
• Mentor level 1 analysts to improve detection capability within the SOC
• Prepare Use Cases & MOPs on identified scenarios, Create, maintain and improve technical operational work instructions
• Drive continuous process improvements by providing inputs on the current processes and possible improvement opportunities
• Governance and Reporting, Business intelligence reporting based on SOC and customer needs, Identify and report risks related to security
• Perform periodic reporting and when applicable, present to management and/or the customer’s security team
• Strong knowledge of information security
• Working knowledge of SIEM tools (such as McAfee ESM, QRadar, ArcSight, Splunk, etc.), scanning tools (Nessus, Qualys, IBM AppScan, etc.) and PAM tools (BeyondTrust, CyberArk, etc.)
• Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks, along with available security controls (technical & process controls) for respective layers
• Understanding of the system hardening processes, tools, guidelines and benchmarks
• Fundamental understanding of encryption technologies
• The ability to work constructively under pressure
• The ability to provide support after normal business hours
• Participate in the out-of-hours on call rotation, providing technical support to the business for major and critical incidents

The skills you bring:
• Graduate in Computer Science or similar,  Strong understanding of enterprise, network, system and application level security issues, SIEM, SPUNK or arc sight experience are preffered.
• 4 to 7 years experience with at least 2 years of experience in IT and 2 years in security, • Knowledge of both Linux-based and MS Windows-based system platforms with a strong technical understanding and aptitude for analytical problem-solving

• ITIL certification, CCSP, OSCP, Security +, CCNA Security or similar will be an advantage
• Basic knowledge of telecommunications networks will be an added advantage