Responsible Business & Employee Engagement

From Solution Integrator to Solutions Architect: One Individual's Exciting Career Journey

Feb 15, 2022 2:10 PM ET
office meeting before covid
Hermann Maurer

What’s it like to work as a security expert for a global company, which invests heavily in security and offers an open invitation to customers for dialogue on the issue? And how can one make the most of the opportunities presented in such an environment to evolve professionally? Hermann Maurer is here to answer these questions and walk you through his own inspiring and motivating story.

Taking the first step

There’s a famous quote about a journey of a thousand miles starting with a single step. My first step through the doors at Ericsson Greece in 2003 was the start of an incredible career journey, one that exceeded the mileage in the quote, as well as my own expectations. At the time, I felt ready and excited for the opportunity to work as a support engineer and solution integrator with a well-known multinational company. But I had no idea where the path would lead or just how incredible the whole experience would be.

On the path, I’ve learned a lot and I now know that in this industry it’s important to be open to learning and committing time to developing your knowledge further. In my job, I have always had access to supportive trainings and have had many opportunities to learn from others. I feel that asking more experienced professionals for support and guidance is essential and has been a key factor in my own success. But learning alone will not take you to the finish line, and it’s important to understand that. To be successful, you need a bit of luck on your side, and luck, I believe, is where preparation meets opportunity. Here, at Ericsson I was presented with numerous opportunities through my career to take on more complex tasks and assignments, and because I had put the groundwork in, I was ready to seize them when they came. So, if like me, you’re not prepared to fail, my advice is don’t fail to prepare!

Back in the early days of my career, I was excited to receive my first support ticket, to conclude my first IP network design, to apply my first firewall policy, to roll out my first network, to serve my first customer, and pass my first certification exam. All of those firsts sculpted me along my professional journey, and I wouldn’t be where I am today without them. My enthusiasm for every single task I’m given is a constant theme in my work, and each task helps me develop my skills and knowledge further.

In the last six years, I have managed to walk through my Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified Information Security Manager (CISM) certification processes anchoring security certified expertise in Austria and the rest of Europe. To date, I’ve gained significant international experience working on complex transformation and service delivery projects in Greece, Cyprus, Malta, Switzerland, Serbia, Germany, and Austria. I love the opportunity to work in new environments on the professional side as well as experience new cultures on a more personal level.

My area of expertise spans across charging, IPTV and smart metering, but right now my focus is on 5G trustworthiness, and network security, having been assigned to security roles in solution delivery. Many people would get bored if they had to work in the same domain or job for 20 years, but for me, working on various projects has just made me become more passionate about security as I understand its steadily increasing importance in the world today. Furthermore, I find it gets more exciting every single moment.

At Ericsson, our product security and privacy control frameworks are key in keeping our customers’ security and privacy commitments to their subscribers, ensuring their data is protected. Security requires a holistic approach, and we have to always keep in mind the technology, people, and processes. Here, security is embedded into every product, and the company ensures this with skilled and trained people to make sure that mandatory security processes are followed and integrated at all times.

Making dialogue happen

There are so many different stakeholders in a customer project environment, each coming at security from their own perspective: business, IT security, ISMS and risk management, privacy and data protection, compliance, security architecture, assurance, and security operations. Countless in-depth discussions are required to get the security right from every angle. We know security needs change over time and therefore require continuous dialogue. Strong security is the result of constant effort and commitment.

I love working for a company that offers an open invitation to customers to have a dialogue on security. That dialogue is essential, and I’m genuinely proud to be part of such discussions at my current base in Austria, helping local customers, clients, and partners with my expertise and advice.

Committing to and investing in security

There exists an outstanding collective security awareness within Ericsson as security applies across our value flow end-to-end. Any software development project starts with a risk assessment and privacy impact assessment to ensure adequate security per design, and Ericsson security masters are present in the local project teams together with our customers to make sure that our secure products are deployed, integrated, and operated in a secure way. Ericsson security professionals attend internal security chapter meetings regularly.

Although many companies emphasize the importance of security today, not all of them are willing to put their money where their mouth is, as the saying goes. I’ve found that Ericsson is truly committed to investment in the area, and that really helps me work as efficiently as I can. All our secure products and solutions are shipped with implemented security functions that must be integrated with the customer's environment and controls to put security and privacy in place.

Ericsson’s Security Reliability Model (SRM) is the mandatory control framework for security and data privacy, which is based on industry standards and best practices. Billions of mobile subscribers and devices are being handled through Ericsson equipment and solutions right now, and SRM acts as a catalyst to bring, ensure, and anchor security and privacy in all such products and solutions. Also, the defined principles from our security boards and integrity program including the security master concept especially within delivery organizations enables me, as a security master, to keep my security knowledge steadily up to date while conducting subject matter discussions with our customers.

Reflecting and looking forward

When people ask me what the key to my success has been in my career, I tell them there is honestly no single answer but that continuous learning is a big part of it. I always make sure I adapt to whatever environment I’m in whether this requires me to expand on a particular hard-skill or soft-skill through hands-on activities, training, or certification. I feel that doors have opened for me in this company because of my constant dedication and eagerness to learn, which enables me to deliver on project assignments around solution delivery and solution integration. The support and mentorship provided by my colleagues, and the continuous learning opportunities I have been presented with have been instrumental in my growth and development.

I’m proud of what I have achieved wearing my Ericsson badge so far, and I’m also excited because I know the journey is continuing. There is a plethora of opportunities for me as there is no shortage of work in this area. I am really looking forward to helping our customers as a security professional and concluding secure solutions so that their security controls remain effective tomorrow and beyond. If you’re interested in taking a similar leap please check out the careers site here—the opportunities in this domain are limitless.