Product Security Engineer

at  Ericsson

ABOUT THIS OPPORTUNITY:

At Mobile Financial Services (MFS) we enable financial inclusion - truly using Technology for doing good in society! Our systems are used by hundreds of millions of people every day for services such as peer to peer transfers, payments, disbursements, loans, savings etc. We use the latest and greatest tech and techniques to guarantee state-of-the-art software with premium quality. MFS is located in Karlskrona, Sweden and Gurgaon, India where we develop one of the world’s largest Fintech products.
The Ericsson Wallet Platform (EWP) product, enables our customers to provide financial services. The customers are operators and banks, and have the highest expectations on security.
We are now looking for a Product Security Engineer to join and strengthen our Security team!

THE SKILLS YOU BRING:

• BSc or higher equivalent education in Software Engineering, Computer Science or similar
• Solid understanding to work with modern software development techniques, JAVA, Linux, Docker, Kubernetes and Front-End/Back-End penetration skills.
• Highly developed skills and knowledge of product security in a Fintech and Cloud environment.
• Excellent understanding of security standards (e.g. ISO/IEC 27001, NIST SP-800 series, NIST Cybersecurity Framework, PCI SSS, OWASP Top 10, S-SDLC, etc.).
• Developed skills on development practices like architectural design, coding, and verification.
• Solid knowledge of security tools and testing methodologies
• Empowering skills and commitment.
• Understanding on standardizing way of working.
• Demonstrated ability of working in a leading role, preferably within IT security domains.
• Experience with security compliance.
• Comfortable with taking risk-based security decisions, weighing interest of multiple partner and risk profiles against each other.
• Experience with information security in mobile financial services and/or financial services is preferred.

• Aid in the development of secure software including data privacy and lead activities that improve the product’s security posture.
• Perform Front-End and Back-End penetration testing.
• Be responsible for leading the security activities during feature development such as:
• Security Risk Assessments
• Vulnerability Assessments
• Privacy Impact Assessments
• Secure Code Review
• Act as a security point of contact and drive security governance with internal partners.
• Steer prioritized improvement initiatives in key strategic and operational areas.
• Ensure that accurate mechanisms and tests are conducted on identified risk areas and that weaknesses are captured and corrected early in the design phase.
• Analyze policies, standards, benchmarks and other documentation.
• Provide best practice and compliant solutions which are simple, sophisticated, effective, cost conscious and secure.