IT Product Architect - Endpoint Security

Join our Team
About this opportunity
Ericsson is a global leader in telecommunications and technology, driving innovation and connectivity worldwide. We are committed to creating a sustainable future through cutting-edge solutions and services.
We are now looking for an IT Product Architect - Endpoint Security to join our Computer & Mobile Product Line.
About Employee Experience - Product Line Computer & Mobile
PL Computer & Mobile delivers managed End User Computing, Privileged Access Workstation, Mobile Workplace and Endpoint Security to Ericsson's workforce & suppliers globally. We manage approx. 200.000endpoints in a multi-OS environment, using Microsoft Intune as Unified Endpoint Management. Our mission is to deliver an industry's leading computer & mobile experience to our Ericsson workforce. We do this based on our core principles; end-user experience, security, sustainability and economies of scale.
Key responsibilities
• Own the end-to-end technical architecture of Endpoint Security.
• Architectural expert in Endpoint Privileged Management (EPM), Endpoint Protection Platform (EPP), Microsoft defender for Endpoint DLP & Strong Authentication.
• Lead the Configuration, and management of Endpoint Privilege Management (EPM) solutions like CyberArk EPM across enterprise endpoint environments.
• Define and manage application control, privilege elevation, trust, and script distribution policies based on business requirements.
• Responsible for designing, governing, and evolving endpoint protection at enterprise scale using CrowdStrike Falcon.
• Responsible for building a scalable, resilient, and integrated endpoint security architecture, ensuring alignment with enterprise security strategy, regulatory requirements, and operational efficiency.
• Lead design, architecture, and governance of Microsoft Defender for Endpoint deployed in passive mode across the enterprise.
• Enable EDR capabilities, telemetry enrichment, and layered detection while ensuring seamless coexistence with CrowdStrike as a primary endpoint protection platform (EPP).
• Facilitate Phish-resistant authentication method enrollment for all users across Ericsson.
• Anchor usage/adoption of only phish-resistant credentials while accessing all applications across multiple devices for all types of users.
Key competencies

• Strong track record in all the above highlighted products of Endpoint Security.
• Align Endpoint Security products with Zero Trust Principles and compliance requirements from NIST, ISO.
• Understand the least privilege model, replacement of local admin right with JIT elevation and designing application control policies within EPM.
• Solid understanding in designing allow/deny rules with required whitelisting and blacklisting risky apps.
• Design Next Generation Antivirus policies within EPP to control prevention, detection, and response actions. Manage USB Device control.
• Manage enterprise architecture for Defender in Passive Mode with a coexistent strategy with third-party EPP - CrowdStrike.
• Good understanding of Phish-resistant authentication methods and should have an approach to transition the organization from password based to phish-resistant.
• Design the lifecycle of all product agents in compliance with security and functional requirements.
• Genuine interest in different operating systems and its security aspects, specifically; Microsoft Windows 11(and Microsoft's ecosystem in general, including Microsoft Intune, Entra ID), Apple MacOS, Linux Ubuntu Desktop, Google Android, Apple iOS.
• Intune, Entra ID), Apple MacOS, Linux Ubuntu Desktop, Google Android, Apple iOS.
• Ability to act as a technical leader: define direction, create standards, and communicate architectural decisions clearly.
• Excellent stakeholder and vendor interaction skills; ability to represent Ericsson in technical architecture forums.

Qualifications & Experience Requirements

• Minimum 8+ years of experience in the field of Endpoint Security, Security Operations Center/ Cyber Defense Center or similar or related architecture roles.
• Education: Degree in Computer Engineering, Cyber Security or related field. Degree in Computer Engineering, Information Technology, Cyber Security or related field.
• Preferred location: Bangalore (prioritized) or Noida, India.

Application
We look forward to your application with CV/Resume in English, clearly describing your experience in:- Endpoint management (EPM)- Endpoint Protection management (EPP)- Microsoft Defender in passive mode.- Multifactor Authentication, especially Phish-resistant
- Technical architecture or product ownership
Flexibility of work: We target 60% attendance at office.
Why join Ericsson?At Ericsson, you'll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what's possible. To build solutions never seen before to some of the world's toughest problems. You'll be challenged, but you won't be alone. You'll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.
What happens once you apply? Click Here to find all you need to know about what our typical hiring process looks like.Encouraging a diverse and inclusive organization is core to our values at Ericsson, that's why we champion it in everything we do. We truly believe that by collaborating with people with different experiences we drive innovation, which is essential for our future growth. We encourage people from all backgrounds to apply and realize their full potential as part of our Ericsson team. Ericsson is proud to be an Equal Opportunity Employer. learn more.
Primary country and city: India (IN) || Bangalore
Req ID: 783693