Ericsson Security specialist in Malaysia

Purpose of the role

The purpose of this document is to describe the functional role of Security Specialist-Investigations. The Security Specialist-Investigations manages security investigation activities within the region, including security requirements from hosted activities in accordance with the Governance Model – Group Security. The aim is to achieve operational excellence within the concept of One Ericsson.


Prime role of Security Specialist-Investigations is to address Ericsson’s internal security investigation requirements.

The Security Specialist-Investigations has the following responsibilities within the scope

Collect and compile information

Prepare and execute the investigation plan

escalate decisions through investigations

Deliver and communicate investigation report

Identify improvement opportunities and implement or recommend enhancements to the relevant organization

Security Specialist-Investigation is typically assigned to work with the investigations of the critical security incidents that can or may impact Ericsson brand people or assets.

Main activities

The main activities within the Daily Operations are the following:

Drive the implementation of global security investigation framework, directives and guidelines, complement with local security instructions if needed.

Determining work procedure, prepare work schedules & determine methods for expediting workflow.

Ensure accurate identification of COBE breach through the use of sophisticated computer systems; laboratory and examination of evidence.

Data extraction & analysis & presentation.

Strategic planning, risk assessment, governance and compliance processes, designing security solutions and conducting incident response & digital forensics investigations.

Perform and create procedures for system security audits, risk assessment, vulnerability assessment, penetration testing and conducting incident response & digital forensics engagements.

Lead digital forensics function which involved hard drive imaging, analysis of emails and financial data.

Inform the Regional Security Director when CMTF within area of responsibility is activated.

Manage security incidents and investigations in accordance with the Security Incident Handling Process and Investigation Framework

Prioritise work and ensure cases and complaints are handled appropriately and in a timely manner.

Facilitate risk assessments based on business requirements, agreements and activities.

Provide Business Continuity Management (BCM) subject matter expertise and support local implementation and maintenance activities with the area of expertise i.e. digital forensics.

Provide technical leadership to the enterprise for the security investigation program

Drive security awareness activities amongst ALL personnel

Perform specialized security training for target groups

Work independently and coordinate cross function at a senior level.

Build & maintain documentation for all procedures, as required to continually improve levels of service & efficiency and meet quality standards

Information Security Responsibilities

Assist in Implementation of ISO 27001 controls across the organization as per the Ericsson Global ISO 27001 control framework.

That security is implemented and maintained in accordance with Ericsson Security and Risk Management directives.

That ‘best practice’ of security investigations is developed and maintained.

Cooperation & Coordination

The Security Specialist-Investigation drives & coordinates security investigations related activities in the Region.

Key Internal Interfaces

Region Security Director

Real Estate responsible/Facilities Specialist

Head of operations Units




Key External Interface

External partners security investigation organizations.


Functional line reporting to Regional Security Director

Escalate non-conformities referring to Ericsson Security directives to Regional Security Director and ensure all incidents are reported in the Security Incident Management System

Monthly report to the Regional Security Director

After-action reporting on CMTF activations to the Regional Security Director

Required competence

The key technical qualifications required are:

Bachelor’s degree or equivalent within Telecommunication, Information Technology and Electronics. Have 8-10 years of experience in a similar profile, such as corporate investigator.

Formal Security training (certificate) or equivalent, any of the following certificates would be a definite advantage CISM, CISSP, SSC, QSA, BSI ISO/IEC 27001:2013, CEH, CIFI & CHFI, EnCE

Minimum five years’ experience in a security related role, including:

Risk Management, Information-, IT security, Crisis Management, Forensic investigation and Cybercrime.

Hands on experience in forensic tools. E.g. Encase, FtK, X-way etc.

IS/IT competence

Knowledge in security products & solutions

Knowledge of ISO/IEC 27001

Knowledge in Electronic Discovery

Experience in working with Windows and Linux platforms

RHCE certification would be an added advantage


Why is Ericsson a great place to work?

Ericsson is the driving force behind the Networked Society where every person and every industry is empowered to reach their full potential. Mobility, broadband and the cloud are transforming the world, enabling industries and society to provide better services, capture new opportunities, improve businesses, increase efficiency, and create new user experiences.

Our services, software and infrastructure support every major telecom operator in the world. The transformation that this brings allows people, business and society to fulfill their potential and create a more sustainable future.

With some 115,000 employees and customers in 180 countries, we combine global scale with technology and services leadership. We support networks that connect more than 2.5 billion subscribers. 40 percent of the world’s mobile traffic is carried over Ericsson networks. And our SEK 100 billion investment in research and development over the last three years ensure that our solutions – and our customers – are at the forefront of innovation.

At Ericsson, we give our employees the freedom to think big. Your ideas and innovations can turn into achievements that impact society and change the world. Are you ready to be a change-maker? Learn what makes YOU + Ericsson a powerful combination. Join us today.

Founded in 1876, Ericsson has its headquarters in Stockholm, Sweden. Net sales in 2014 were SEK 228.0 billion (USD 33.1 billion). Ericsson is listed on NASDAQ OMX stock exchange in Stockholm and the NASDAQ in New York.

Ericsson provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetics.

Ericsson complies with applicable country, state and all local laws governing nondiscrimination in employment in every location across the world in which the company has facilities. In addition, Ericsson supports the UN Guiding Principles for Business and Human Rights and the United Nations Global Compact.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, training and development.

Ericsson expressly prohibits any form of workplace harassment based on race, color, religion, sex, sexual orientation, marital status, pregnancy, parental status, national origin, ethnic background, age, disability, political opinion, social status, veteran status, union membership or genetic information.