OBS! Ansökningsperioden för denna annonsen har
passerat.
Arbetsbeskrivning
About this opportunity
Do you want to shape the direction of Ericsson security and drive operational excellence, continuous development, and improvement of Privacy/ Data Protection, Risk Management, and Security Strategy? Are you eager to be engaged and be part of a team of strong security experts?
You will play a key part in Group Security’s Risk team in unit Security Governance, ensuring Privacy and Data Protection competence in our team that sets a strategic direction for security across Ericsson worldwide.
Important personality traits are your ability to collaborate, analyze and influence. You will cooperate closely together with teams across Ericsson which means you need to have good people- and coordination skills. Self-motivation and drive will be key, along with the ability to see opportunities for continuous improvement and inspire change.
We are looking for a strong leader who is passionate about privacy and is able to proficiently analyze, interpret and translate regulatory privacy requirements into Security strategy and key security frameworks. You will work closely with Group Data Protection Officer and security organizations across the organization.
What you will do
The Privacy and Security Manager works directly with the Head of Risk team and is responsible for completing Ericsson’s Privacy Framework in Group Security and driving data protection.
You will run and maintain the privacy and data protection risks to the data subject in the OneTrust Privacy Risk Register and consolidates risks to the organization relating to privacy in Ericsson ERM Risk Register, in the below areas:
Completing the company’s business, security, and privacy strategic objectives in alignment with the Chief Privacy Officer Chief Security Officer, and other relevant stakeholders.
Identifying and notifying of gaps in data protection.
Supporting stakeholders in completing privacy assessments (PIA, DPIA, etc.) to keep the OneTrust Privacy Risk Register up to date.
Supporting in: yearly sign-off risk workshops with risk managers and in group risk consolidation.
Collaborating with privacy advisors to manage the treatment of consolidated risks.
Communicating Privacy Framework and promoting privacy culture, competence transfer, and unit-specific privacy documentation.
Responsibility for Privacy/Data Protection training and awareness.
Collaborating with the privacy community and data protection community to ensure continuous improvement of Ericsson’s privacy strategy and data protection controls.
Supporting Group Security with data protection expertise and suggestion of the best methodologies, security incidents, and breach handling as requested.
Legislative monitoring, supporting legal counsel, and sourcing in the review of security controls in DPAs.
Identifying risk of non-compliance with local privacy laws or regulations for reporting to Group Security ERM Risk Manager.
Staying up-to-date on information technology trends and security standards.
Participating in Group Security development of governance models, processes, methods, routines, and tools to ensure the efficiency of the security strategy.
You will bring
Academic degree preferably admitted as a lawyer in a relevant jurisdiction, Bachelor of Laws, LL.B, LL.M, etc.
In-depth experience (at least 5 years) related to privacy-related laws, regulations, and standards and certification by the International Association of Privacy Professionals (IAPP) such as CIPM, CIPT, CIPP/E, or equivalent.
Proven track record of successful deployment of privacy practices in a complex multinational environment
Solid experience within information security and certifications such as ISO27001/CISSP/CISM or equivalent.
Experience within security or technical expertise and hands-on experience related to the core privacy risk areas of the telco and IT industry.
Security and risk management training or equivalent experience along with project or program management.
Understanding of ISO31000.
Professional background in Change Management and outstanding communication skills (proven teammate) and problem-solving skills with an Analytical mind
Excellent verbal, written English, and interpersonal skills.
Additional Qualifications taken into consideration:
Knowledge of BCM and other management system standards
Understanding of cloud computing including the shared responsibility model
Business Process Knowledge, Group Management Systems.
Why join Ericsson?
At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build never seen before solutions to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.
What happens once you apply?
Come join our #TeamEricsson. Feel free to apply and include a resume in English, outlining how you meet the specific requirements of the position.
The selection and interview process is ongoing. Therefore, send in your application in English as soon as possible. We encourage you to apply!
If you have any further questions, you are welcome to contact us:
Hiring Manager: Head of Risk
Recruiter: Justyna Gnatowska (Justyna.gnatowska@ericsson.com)
Location: Sweden, Stockholm
Kindly note that we do not accept applications sent via e-mail