About the Company: At Ericsson, you´ll have an outstanding opportunity. The chance to use your skills and imagination to push the boundaries of what´s possible. To build solutions never seen before to some of the world’s toughest problems. You´ll be challenged, but you won’t be alone. You´ll be joining a team of diverse innovators, all driven to go beyond the status quo to craft what comes next.

About the Role: Regulatory Intelligence - Monitor and analyse regulatory policies, notifications, and guidelines. Compliance - Developing and implementing policies and procedures that ensure compliance with regulatory and ethical standards. Risk management - Identifying and mitigating compliance risks and supporting annual risk assessments. Advisory - Providing guidance to business teams on regulatory compliances. Audits - Conducting compliance reviews and audits and performing due diligence screening on third-party engagements. Decision-making - Overseeing key decision points to ensure appropriate decisions are made. Program management - Work internally with key stakeholders to drive compliance program covering impact assessment of regulatory requirements and identify risks. The security landscape is dynamically evolving from a regulatory perspective. Since security is a cross-cutting issue, India has a complex inter-ministerial and inter-departmental institutional framework, with several ministries, departments and agencies performing key functions. Communication Security Certification Scheme (ComSec) notified in 2020 follows Indian Telecom Security Assurance Requirements (ITSAR) and mandates testing in designated Telecom Security Test Labs (TSTL) accredited by National Centre for Communication Security (NCCS). Telecom Cybersecurity Rules 2024 - These rules expand the scope of data collection, increase the responsibilities of telecom entities, and introduce new roles and reporting requirements. They also emphasize a proactive approach to cybersecurity, with a focus on continuous monitoring, rapid response, and coordination between the government and telecom entities. Information Technology (The Indian Computer Emergency Response Team and Manner of Performing Functions and Duties) Rules, 2013 (2013 rules), established the Computer Emergency Response Team (CERT-In) and put in place obligations on intermediaries and service providers to report cybersecurity incidents to the CERT-In. Directions on information security practices, procedure, prevention, response and reporting of cyber incidents for a safe and trusted internet, issued in 2022 by the CERT-In, add to and modify existing cybersecurity incident reporting obligations under the 2013 rules. Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI rules) require companies that process, collect, store or transfer sensitive personal data or information to implement reasonable security practices and procedures. The Information Technology (Guidelines for Intermediaries and Digital Media Ethics Code Rules, 2021) require intermediaries to implement reasonable security practices and procedures to secure their computer resources and information, maintaining safe harbour protections. Intermediaries are also mandated to report cybersecurity incidents to the CERT-In. Information Technology (Information Security Practices and Procedures for Protected System) Rules, 2018, oblige companies that have protected systems - as defined under the IT Act - to put in place specific information security measures. Data localization - Mandatory data localization is a key provision of the 2024 Cyber Security Regulations in India. Incident reporting and response- All entities are required to report cybersecurity incidents to the Computer Emergency Response Team (CERT-In) within six hours of becoming aware of them. Cyber security audits and compliance- Cyber security audits and compliance are key provisions of the 2024 Cyber Security Regulations in India. National Critical Information Infrastructure Protection Centre (NCIIPC)- The NCIIPC was launched by the Indian government in 2014 and is under the Prime Minister's Office (PMO).

Key Responsibilities: Regulatory Intelligence - Monitor and analyse regulatory policies, notifications, and guidelines. Compliance - Developing and implementing policies and procedures that ensure compliance with regulatory and ethical standards. Risk management - Identifying and mitigating compliance risks and supporting annual risk assessments. Advisory - Providing guidance to business teams on regulatory compliances. Audits - Conducting compliance reviews and audits and performing due diligence screening on third-party engagements. Decision-making - Overseeing key decision points to ensure appropriate decisions are made. Program management - Work internally with key stakeholders to drive compliance program covering impact assessment of regulatory requirements and identify risks.