Vulnerability Assessment Analyst III

As the technology firm that created the mobile world and a rich history of 145 years of building ground-breaking solutions and innovative technologies supported by 60,000+ patents, Ericsson has made it our business to make a mark. When joining our team at Ericsson you are empowered to learn, lead and perform at your best, shaping the future of technology. This is a place where you are welcomed as your own perfectly unique self, and celebrated for the skills, talent, and perspective you bring to the team.

Ericsson Enterprise Wireless Solutions (BEWS) is the group responsible for leading Ericsson’s Enterprise Networking and Security business. Our growing product portfolio spans across wide area networks, local area networks and enterprise security. We are the #1 global market leader in Wireless-WAN based enterprise connectivity solutions and are growing fast in enterprise Private 5G networks and Secure Access Services Edge (SASE) solutions.

How Will You Contribute to the Company?

The primary responsibility of this role is to assess new and existing security vulnerabilities from internal and external sources, determine applicability, and document the impact and remediation strategy in a customer viewable format.  The role will focus on multiple technologies including all of the major cloud hosting environments, Linux based servers and firmware, specialized hardware products, multiple coding languages, and multiple virtualization technologies.  The successful candidate will have the ability to understand the technical aspects of security, assess the risk, and translate that into simple to understand language.

What Will You Do?

• Review vulnerability scan reports

• Monitor and assess external sources for new vulnerabilities

• Assess the applicability of vulnerabilities in context

• Determine the real impact of vulnerabilities

• Document findings and disclosures for each vulnerability and publish them to customers

• Negotiate with external researchers on disclosure timing

• Monitor remediations and update documentation

• Participate in Security Incidents regarding urgent vulnerabilities

• Provide metrics and statistics

Qualifications

Minimum Qualifications:

• Five (5) years of experience required (can include indirectly related experience)

• A team player

• Ability to interpret and explain CVEs to technical and non-technical audiences

• Working knowledge of hacking techniques

• Working knowledge of programming

• Working knowledge of risk evaluation

• Experience with the MS Office suite

• Excellent written and verbal communication skills

• Ability to react to changing priorities quickly and effectively

Preferred Qualifications:

• Experience evaluating security risk in context of the production environment

• Experience with Jira

• Experience communicating directly to customers

• Experience with at least one of these languages: Python, Go, Java, or C

• Experience with scan reports from Snyk, Qualys, Crowdstrike, Inspector, Vdoo, or Binwalk

• Experience working remotely across many time zones and cultures

• Security certifications such as CISSP, CRISC, AWS SCS, etc.

• Ability to work flexible hours

#LI-Remote

Why Ericsson Enterprise Wireless Solutions?

At Ericsson Enterprise Wireless Solutions, we are one team - all in on inclusion. Celebrating the uniqueness of our individual team members across the globe helps us build diverse teams where we all can thrive. Our connected, community-focused culture enables each one of us to perform at our best and fully be ourselves. 

 

Our values drive everything we do: 

• Respect: we don't point a finger; we lend a hand.
• Integrity: we do the right thing, even when it is hard; we make fact-based decisions.
• Perseverance: we accept and embrace change; we have a passion to win!
• Professionalism: we hold each other accountable.

We are creating the future of global connectivity and community. Come join us. You belong here. 

Compensation & Benefits at Ericsson Enterprise Wireless Solutions

At Ericsson Enterprise Wireless Solutions, we know that our people are the key to our success. We offer a competitive compensation and benefits package to help with your individual needs and goals.  

 

Your Pay: 

Ericsson Enterprise Wireless Solutions offers a competitive salary with a focus on a global market. For many roles, the compensation package includes annual and incremental incentive plans; certain eligibility and pro-ration rules apply.  The actual salary offered is dependent on various factors including, but not limited to, location, the candidate’s combination of job-related knowledge, qualifications, skills, education, training, and experience. 

  

Your Health: 

Ericsson Enterprise Wireless Solutions offers excellent, competitive employee benefits. Our global team members are eligible to participate in customary health and other benefit plans and programs based on location. 

 

Your Financial Security: 

Where available, Ericsson Enterprise Wireless Solutions offers an employee retirement plan.  

 

Your Time: 

Your work-life balance is important to us. Where locally applicable, Ericsson Enterprise Wireless Solutions provides generous paid time off, including: Flexible Time Off (FTO), four paid quarterly well-being days, and a Global Holiday schedule. Certain pro-ration rules apply to some time off benefits.    

 

Additional Benefits: 

Ericsson Enterprise Wireless Solutions offers other company-paid benefits such as a comprehensive International Employee Assistance Program, No Internal Meeting Fridays, and volunteer paid time off. 

 

 

Ericsson Enterprise Wireless Solutions’ Diversity, Equity, Inclusion, and Belonging mission is to create an inclusive work environment where all employees’ differences are celebrated, their thoughts matter, and everyone feels safe to bring their authentic selves to work. We’re proud to be an equal opportunity employer and aim to attract, develop, and engage top talent from a diverse candidate pool. It is our policy and commitment to provide equal opportunity employment for all persons and not discriminate in employment decisions by placing the most qualified person in each job, without regard to any other classification protected by federal, state, or local law.

Please note: Ericsson Enterprise Wireless Solutions does not accept agency resumes and is not responsible for any fees related to unsolicited resumes. Please do not forward resumes to Ericsson Enterprise Wireless Solutions employees.