Join our Team
About This Opportunity
We are seeking a team member in our IT Security Third Party Security Risk Management team to enhance our BA, MA, and Group Functions' adherence to internal IT Security regulations more efficiently. This individual contributor role will articulate ISMS controls and compliance through the "10 Commandments" and dashboards. The role involves conducting assurance reviews and, when necessary, implementing ISMS compliance across Ericsson’s global IT environment.
We are looking for a highly skilled security professional with an audit background. The ideal candidate will foster a collaborative and professional atmosphere while maintaining high standards.
What You Will Do
• Understand the end-to-end third-party risk management lifecycle.
• Develop, manage and improve third-party risk management monitoring and reporting process that tracks third-party risks.
• Contribute to the development of policies focused on the security of third-party business processes.
• Develop and maintain supplier risk and control monitoring plans, performing monitoring activities and analyzing evidence to ensure controls are effective.
• Assist in the development and execution of category/supplier strategies.
• Collaborate with stakeholders to address supply chain security.
• Supervise and conduct supplier security audits in alignment with company security policies and industry standards.
• Perform on-site assessments of vendors to identify opportunities for improvement.
• Utilize analytics to compile and synthesize data, making informed recommendations to assess and mitigate risk exposure, guiding business decisions.
• Establish and deliver metrics in a robust, validated, consistent, and repeatable process.
• Ensure data accuracy and integrity through established processes and controls.
• Build relationships and influence the behavior of internal teams and external parties.
• Complete monitoring and control tasks triggered by supplier tier and third-party interaction models.
• Collaborate with business stakeholders to achieve year-over-year cost savings with managed third-party relationships.
• Partner with stakeholders on IT Security contract negotiations for all managed third-party relationships.
You Will Bring
• Minimum of seven years of experience in developing and maintaining global vendor risk management programs.
• Preferred certifications: CISSP, CISM, CISA, or CRISC.
• Strong understanding of information technology and security solutions.
• Monitor and ensure successful delivery against third-party contractual obligations.
• Assist in the development and monitoring of SLAs or key performance indicators for third-party relationships.
Why join Ericsson?
At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.
What happens once you apply?
Click Here to find all you need to know about what our typical hiring process looks like.
Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more.
Primary country and city: India (IN) || Gurgaon
Req ID: 768956
