OBS! Ansökningsperioden för denna annonsen har
passerat.
Arbetsbeskrivning
As the tech firm that created the mobile world, and with more than 54,000 patents to our name, we’ve made it our business to make a mark. When joining our team at Ericsson you are empowered to learn, lead and perform at your best, shaping the future of technology. This is a place where you're welcomed as your own perfectly unique self, and celebrated for the skills, talent, and perspective you bring to the team. Are you in?
Come, and be where it begins.
Our Exciting Opportunity
We are looking for an experienced Red Team Operator to continue building the Red Team within the Ericsson Cyber Defense Center (CDC) in Group Security.
The Cyber Defense Center defends Ericsson from attacks originating from external threat actors. It ensures we are one step ahead of adversaries, identifies their plans and means to execute them, block and disrupt their execution, and remove their presence from within Ericsson.
Its focus is on sophisticated antagonistic threat actors who can do the most harm to Ericsson as a company. To achieve this the cyber defense center consists of four teams: threat intelligence, the red team, a process and governance team, and cyber operations.
You will
Identify and provide feedback on actual defensive abilities through offensive Red Team engagements.
Demonstrate to decision-makers the feasibility of successful attacks.
Reveal weaknesses in behavior, processes, and technology.
Conduct technical validation of events seen in security investigations.
The objective is always to increase Ericsson’s resilience against sophisticated attacks by providing facts and actionable insights on actual defensive abilities.
We are extending this team with additional Red Team Operators to help us execute on the responsibilities mentioned above.
You will be given a wide directive to capture flags and achieve other goals in accordance with the set mandate and ethical guidelines.
We expect you to be creative and push the blue team’s boundaries by using the latest TTPs which you discover by reverse engineering malware, using threat intelligence, working with your peers, etc. You live for outsmarting our security tool vendors and the blue team, improving our defense and making it a bit more difficult for yourself to succeed next time. That is a challenge which drives you.
A successful Red Teamer at Ericsson should possess a deep understanding of offensive security concepts regarding reconnaissance, stealth, exploitation, lateral movement, and exfiltration. To fit in the team, you should be low ego but proud of your accomplishments, eager to learn and develop with your colleagues. Teamwork and openness between team members will bring different perspectives together and drive success to accomplish our goals.
Note: this is a Red Team position, not a pentest position. You know the difference.
To be successful in the role you must have
A self-driven and positive can-do attitude.
A demonstrable record (3+ years) in executing offensive security activities Red Teaming or Penetration testing.
An additional minimum of 2 years of experience with other offensive security activities.
A security enthusiasm and possess the aim to develop your abilities through hacking challenges.
Have passed an OSCP, CREST, OSCE, OSWE, OSEE, or equivalent certification.
Have a self-starter approach and confidence to get things done as well as the ability to effectively collaborate.
Have teamwork skills and the ability to adapt to ad hoc situations.
Be able to provide concise feedback in reporting and presentation.
Outstanding integrity and a record of working with sensitive information.
Proficient English level, both verbal and written.
Always ambition to gather and share new insights with your team, approach your work with a smile and a sense of humor!
The additional proficiencies that would be your substantial advantage:
Previous Red Teaming experience, active participation in security communities that are in line with Red Teaming activities, active development of security tools, CVEs registered in your name etc. will be an advantage.
Active development of EDR/EPP evasion techniques that successfully can avoid detection of Tier1 suppliers (FireEye, Symantec, Crowdstrike, Microsoft etc) as well as the previous active use of CobaltStrike
What´s in it for you?
Here at Ericsson, our culture is built on over a century of courageous decisions. With us, you will no longer be dreaming of what the future holds – you will be redefining it. You won’t develop for the status quo, but will build what replaces it. Joining us is a way to move your career in any direction you want; with hundreds of career opportunities in locations all over the world, in a place where co-creation and collaboration are embedded into the walls. You will find yourself in a speak-up environment where empathy and humanness serve as cornerstones for how we work, and where work-life balance is a priority. Welcome to an inclusive, global company where your opportunity to make an impact is endless.
What happens once you apply?
To prepare yourself for next steps, please explore here: https://www.ericsson.com/en/careers/job-opportunities/hiring-process
Come join our #TeamEricsson. Feel free to apply and include a resume in English, outlining how you meet the specific requirements of the position.
The selection and interview process is ongoing. Therefore, send in your application in English as soon as possible. We encourage you to apply!
If you have any further questions, you are welcome to contact us:
Hiring Manager: Head of Red Team
Recruiter: Justyna Gnatowska (Justyna.gnatowska@ericsson.com)
Location: Sweden/EMEA time zone requirement
Kindly note that we do not accept applications sent via e-mail
Do you believe that an organization fostering an environment of cooperation and collaboration to execute with speed creates better business value? Do you value a culture of humanness, where fact based decisions are important and our people are encouraged to speak up? Do you believe that diverse, inclusive teams drive performance and innovation? At Ericsson, we do.