Production Security Champion

## Join our Team We are looking for a Production Security Champion/Security Specialist to join the RAN Performance team. In this role, you will ensure that production and production-adjacent environments including CI/CD pipelines, build and test infrastructure, performance labs, and related tooling, comply with Ericsson security expectations and external regulations. This is not a product feature security role; it is about securing the engineering backbone that RAN Performance products are built, tested, and delivered on. You will translate requirements from frameworks such as NIST SSDF, NCSC, and EU CRA into concrete controls and ways of working, serve as the connection point between RAN Performance and key stakeholders. What you will do: * Regulatory & Framework Alignment Interpret and translate NIST SSDF, NCSC, EU CRA and related frameworks into concrete security controls for build/test tools, CI/CD pipelines, SBOM tracking, access control, and logging. Ensure audit-ready evidence is available for self-attestations, customer requests, and regulatory reviews. * Secure Development & Operations Culture Turn secure development principles into practical guidelines for production tooling and automation: covering secure scripting, CI/CD patterns, and secrets/credentials handling. Drive security awareness and training for engineers and operations teams, making security requirements understandable and actionable. * Standardized Ways of Working Define and maintain reusable security ways of working for RAN Performance production, including access request flows, security review checkpoints, logging and retention requirements, and incident handling routines. Build clear documentation, templates, and checklists teams can apply when onboarding new tools or making environment changes. * Risk, Vulnerability & Access Management Maintain an aggregated risk view for production environments, coordinating vulnerability management (intake, triage, prioritization, follow-up) and periodic access reviews (onboarding/offboarding, re-certification, segregation of duties). Drive structured, transparent handling of vulnerabilities, hardening, privileged access, and exceptions through to closure. * Lead the Production Security Chapter Lead a chapter of Security Masters and Principal Security Masters across production and production-like environments. Set shared goals and backlogs, ensure two-way information flow between teams and leadership, and keep activities synchronized with the Product Security Champion, RAN Performance leadership, and the BNEW R&D Security Program. What You will bring: * Hands-on experience with RAN Performance / TPS or similar production, lab, CI/CD, build, and test environments * Strong understanding of security frameworks, secure SDLC/SSDF, and CI/CD architectures, with the ability to translate requirements into concrete controls and evidence * Solid knowledge of security concepts including vulnerability management, secure configuration, identity and access management, and Ericsson's SRM framework * Experience with security activities such as risk assessments, security reviews, audits, or customer security questionnaires * Good understanding of regulatory expectations for R&D/production environments (NIST SSDF, EU CRA, NIS2) * Proven ability to lead cross-functional initiatives and drive change through influence rather than formal authority ## Good to have * Previous experience as a Security Master, Security Champion, or equivalent role * Experience with automated security tooling in CI/CD (SAST, DAST, SCA, infrastructure scanning) * Exposure to customer or external security/compliance audits in RAN or IT environments * Familiarity with the Security Master Model and BNEW R&D Security Program ways of working What do we offer * Annual bonus depending on the achievement of the company's goals and results * Possibility to take advantage of the reduction of tax-deductible costs for creative work * Financial awards and distinctions * Private medical care for employee and their family (Medicover) * Life insurance * Mental Help Line * Cafeteria system Pluxee platform: co-financing MultiSport or OK System card, lunch cards, and others * Sports and integration activities (e.g. Football, Joga, raising team, climbing club) * Company support (loans and grants) * Possibility to participate in 3G / 4G / 5G... 6G technology projects * Opportunity to participate in technical and interpersonal training conducted by international trainers * Access to recognized learning platforms (Pluralsight, Skillsoft, Coursera) * Opportunity to work in an international environment, also outside Poland Why join Ericsson?At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next. What happens once you apply?Click Here to find all you need to know about what our typical hiring process looks like.Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more. Primary country and city: Poland (PL) || Lodz Req ID: 785462