Cloud Security Lead

About this opportunity:

As the Company at the forefront of the creation of the Mobile world, and with more than 60,000 patents to our name, we’ve made it our business to make a mark. Being part of Ericsson empowers you to learn, lead and perform at your best, shaping future technology. Ericsson is an inclusive employer where you are recognized for the skills, talent, and perspective you bring to the team.
Within the Solution Area Cognitive Networks Solutions Software R&D (SA CNS SW R&D), we offer the opportunity to collaborate with highly qualified Global teams and to enable success stories for our customers. You will be exposed to groundbreaking technology (5G, ML/AI, Automation and Cloud computing) and support the delivery of multiple Data-Intensive projects from our customer base and internal requirements. You must have the ability to perform hands-on Cloud and Data engineering tasks independently coupled with the appropriate testing. Are you ready to write the future with us?
Come, and be where it begins.

We are seeking a seasoned Cloud Security Lead to explore, design, and test the proper architecture on AWS to enable large-scale, high-performing, distributed cloud-native-based SaaS applications. As a Cloud Security Lead in CNS R&D Product Development Unit (PDU), your knowledge of software architecture will be key to supporting our different applications and customer scenarios, ensuring a smooth transition from development to production and maintenance. This position demands in-depth expertise in AWS technologies, you will establish best practices, optimize service reliability, and continuously improve security and performance across a multi-tenant SaaS environment. You will collaborate with cross-functional teams, including product owners, domain experts, and technical leads, to provide our products with reliability and scalability.

What you will do:

SaaS Multi-tenant Architecture and Innovation

• • Lead the system architecture, design, and implementation for our Cognitive Software products.
  • Analyze and design secure systems, aligning with Ericsson Security Design Rules.
  • Evaluate impacts, dependencies, and risks for both functional and non-functional requirements.
  • Stay ahead of IT technology evolution and drive adaptation within the team.

DevSecOps & Compliance

• • Embed Security best practices within the software development lifecycle, covering identity and access management (IAM), networking, VPC, encryption, and monitoring.
  • Ensure adherence to cloud compliance standards (SOC 2, HIPAA, GDPR, etc.), performing regular audits and vulnerability scans to maintain a robust security posture.

Collaboration and Leadership

• • Work closely with other system architects to enforce common practices and streamline our product suite.
  • Mentor technical leaders, promoting a collaborative, results-driven environment and advancing professional growth.
  • Demonstrate thought leadership within and outside the product unit.

Ensure Excellence

• • Be accountable for delivering the right architecture and implementation that adhere to Ericsson standards.
  • Align product architecture with security best practices and industry standards.

Business alignment

• • Work with product owners, development teams, and stakeholders to align Architecture and Security priorities with broader business objectives.
  • Understand business processes and able to align security strategies with organizational goals.
  • Ability to balance security needs with business requirements and constraints.

Adaptability and Continuous Learning

• • Stay updated with the latest security threats, trends, and technologies.
  • Adapt to evolving security challenges and technologies.

Cultural Fit

• • Align with the organization's values and culture.
  • Work within the organization's structure and contribute positively to its environment.

AI & Machine Learning Operations (MLOps)

• • Provide operational support for AI/ML models running on AWS, collaborating with data science teams to ensure security and optimize performance and reliability.
  • Embed Security within MLOps methodologies, ensuring secure, seamless model deployment, monitoring, and updates.
• Conduct Security testing, capacity planning, and performance tuning across AWS resources.
• Foster a culture of continuous improvement, refining operational processes and enhancing platform architecture to boost resilience.

The skills you bring:

• 8+ years of professional experience in software development, including hands-on design, implementation, and deployment of complex systems.
• 6+ years of dedicated experience in cybersecurity, with a strong emphasis on securing AWS cloud services and infrastructure (e.g., IAM, VPC, Security Groups, Encryption, CloudTrail, GuardDuty, and compliance frameworks like NIST or CIS benchmarks).
• Hands-on experience integrating security best practices into CI/CD pipelines, leveraging GitOps tools (Argo CD, Flux) for declarative deployments.
• Knowledge of machine learning lifecycle management, ensuring secure, robust and efficient AI/ML model deployments.
• Strong background in Linux system management, performance tuning, and troubleshooting.
• Expertise in VPNs, firewalls, routing, switching, DNS, load balancers, and related security considerations.
• Demonstrated strength in diagnosing complex technical issues and effectively communicating solutions to varied stakeholders.
• Bachelor’s degree in Computer Science, Computer Engineering, or a related field.

Cloud-Native Architecture

• Expertise in cloud-native software architecture principles and patterns.
• Proficiency with Docker, Kubernetes, microservices, and event-driven architecture.
• Experience leading design phases of cloud-native applications (HLD, LLD, DD, UAT).
• Deep understanding of virtualization, networking, and storage in public cloud environments.
• Demonstrated ability to manage, operate, and secure AWS services (e.g., IAM, S3, EKS, ECS, Fargate, App Runner, RedShift, SNS, SQS, EventBridge, Athena, SageMaker, Aurora, DynamoDB, Cognito, API Gateway, etc.).
• Proven experience with Kubernetes (preferably EKS) for container orchestration, including deploying and maintaining production workloads.

Security Expertise

• Deep understanding of security principles, practices, and technologies.
• Proficiency in network, cloud, application security, and data protection.
• Familiarity with security frameworks and standards (NIST, ISO 27001, CIS, etc.).
• Experience with security tools (firewalls, intrusion detection/prevention systems, encryption, vulnerability scanners).
• Proven track record in designing and implementing security architectures.
• Experience with risk assessment, threat modeling, vulnerability management, and regulatory compliance (GDPR, HIPAA, PCI-DSS).
• Preferred certifications: CISSP, CISM, CEH.
• Expertise in OWASP resources, including the Top 10 risks, Application Security Verification Standard (ASVS), Software Assurance Maturity Model (SAMM), Cheat Sheets, and their integration into Secure SDLC processes for identifying, assessing, mitigating vulnerabilities, and enhancing organizational secure development practices.

Software Development and Infrastructure Definition

• Experience with API design, application security, and secrets management.
• Familiarity with CI/CD/CT pipelines and practices.
• Experience with Infrastructure-as-a-Code frameworks, preferably Terraform, ensuring production-grade, secure infrastructure definitions.

Data Management and Governance

• Experience in designing scalable and efficient modern data architecture.
• Experience handling real-time and batch data at scale using distributed frameworks (Dask, Spark, etc.).
• Knowledge of data governance, data security, and privacy regulations.