Production Security Champion

Join our Team

We are looking for a Production Security Champion/Security Specialist to join the RAN Performance team. In this role, you will ensure that production and production-adjacent environments including CI/CD pipelines, build and test infrastructure, performance labs, and related tooling, comply with Ericsson security expectations and external regulations. 

This is not a product feature security role; it is about securing the engineering backbone that RAN Performance products are built, tested, and delivered on. You will translate requirements from frameworks such as NIST SSDF, NCSC, and EU CRA into concrete controls and ways of working, serve as the connection point between RAN Performance and key stakeholders. 

What you will do:  

• Regulatory & Framework Alignment  
  Interpret and translate NIST SSDF, NCSC, EU CRA and related frameworks into concrete security controls for build/test tools, CI/CD pipelines, SBOM tracking, access control, and logging.  
  Ensure audit-ready evidence is available for self-attestations, customer requests, and regulatory reviews. 
  
  


• Secure Development & Operations Culture  
  Turn secure development principles into practical guidelines for production tooling and automation: covering secure scripting, CI/CD patterns, and secrets/credentials handling.  
  Drive security awareness and training for engineers and operations teams, making security requirements understandable and actionable. 
  
  


• Standardized Ways of Working  
  Define and maintain reusable security ways of working for RAN Performance production, including access request flows, security review checkpoints, logging and retention requirements, and incident handling routines.  
  Build clear documentation, templates, and checklists teams can apply when onboarding new tools or making environment changes. 
  
  


• Risk, Vulnerability & Access Management  
  Maintain an aggregated risk view for production environments, coordinating vulnerability management (intake, triage, prioritization, follow-up) and periodic access reviews (onboarding/offboarding, re-certification, segregation of duties). Drive structured, transparent handling of vulnerabilities, hardening, privileged access, and exceptions through to closure. 
  
  


• Lead the Production Security Chapter  
  Lead a chapter of Security Masters and Principal Security Masters across production and production-like environments. Set shared goals and backlogs, ensure two-way information flow between teams and leadership, and keep activities synchronized with the Product Security Champion, RAN Performance leadership, and the BNEW R&D Security Program. 

What You will bring:
 

• Hands-on experience with RAN Performance / TPS or similar production, lab, CI/CD, build, and test environments


• Strong understanding of security frameworks, secure SDLC/SSDF, and CI/CD architectures, with the ability to translate requirements into concrete controls and evidence


• Solid knowledge of security concepts including vulnerability management, secure configuration, identity and access management, and Ericsson's SRM framework


• Experience with security activities such as risk assessments, security reviews, audits, or customer security questionnaires


• Good understanding of regulatory expectations for R&D/production environments (NIST SSDF, EU CRA, NIS2)


• Proven ability to lead cross-functional initiatives and drive change through influence rather than formal authority  

Good to have

• Previous experience as a Security Master, Security Champion, or equivalent role


• Experience with automated security tooling in CI/CD (SAST, DAST, SCA, infrastructure scanning)


• Exposure to customer or external security/compliance audits in RAN or IT environments


• Familiarity with the Security Master Model and BNEW R&D Security Program ways of working