Family Description

Applied R&D (AR) consists of target-oriented research either with the goal of solving a particular problem / answering a specific question or for multi-discipline design, development, and implementation of hardware, software, and systems including maintenance support. Supplies techno-economic consulting to clients. AR work is characterized by its detailed and complex nature in order to systematically combine existing knowledge and practices to further developing and incrementally improving products, operational processes, and customer-specific feature development.

Subfamily Description

Software (SWA) comprises the definition, specification, and allocation of requirements from different sources utilising knowledge of systems engineering processes (specification & architecture). Contains processing of use case and feature requirements into conceptual models, operational scenarios, technical requirements, and functional description. Covers specification, design, implementation, and unit testing of Software (e.g. device drivers, microcode, hardware-related software & firmware) according to the requirements and architecture defined in the systems engineering process. Covers establishment and maintenance of Software Configuration Management (SCM) practices into software development projects, continuously building and integrating infrastructure tools and systems.

 

Qualifications:

Experience with Cloud Native, Microservices, Containers and Virtualization Technologies like Docker, Kubernetes (K8s), Helm, Ansible, Envoy/Istio, Consul and Open Source Integration

Expert in Design and Development using Cloud Native Principles with Analytical and debugging skills.

Expert  with Cloud Native, Microservices, Containers, and Virtualization Technologies.

Exposure to Agile development methodologies.

Experience with Vulnerability assessment, management and CVE analysis along with impact analysis. 

Involved with Security tests ( Black duck hub, Tenable, Codenomicon, Malware, NMAP, NetSparker, DOS attack, etc) and report analysis.

Design for Security and privacy kept in mind. Ensure that Design for Security & Privacy methodology

Working knowledge on secure protocols ( TLS/DTLS/SSH ), Encryption methodology, Ciphers etc..

Experience on handling/managing SOC, Threat & Risk analysis for a product

Knowledge on RFI/RFQ/RFP tendering process

Experience in Security hardening and Secure DevOps

Any Certification on Security Management is an added advantage
 

Implement requirements related to the public cloud platform requirements into Nokia’s Design for Security (DFSEC) process

Evaluate existing infrastructure and identify potential threats.

Assess impact of security vulnerabilities reported as by vulnerabilitiy databases.

Continuously maintain knowledge of cloud, infrastructure and security related research and emerging security tools and trends

Guide R&D teams to implement Nokia’s Design for Security (DFSEC) requirements to their products.

Work with other experts in the Product Security to ensure that the Design for Security methodologies are up-to-date

Present security improvements and capabilities to internal audiences.

Create communication material of Nokia’s container security approaches to internal and external audiences.