Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.

We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work.

The team you'll be part of 

Strategy and Technology lays the path for Nokia’s future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company’s strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.

Part of Strategy & Technology, Group Security is Nokia’s central knowledge center responsible for Nokia’s cyber security policies and standards, the cyber security architecture and roadmap, and the monitoring, alerting of security incidents. We partner with the Nokia Business Groups and Central Functions on product security, customer security, and interact with governments on security regulations. Together we take care of Nokia’s security culture, processes, systems, products, and services to position Nokia as a trusted partner for the 5G era and beyond.  

The Group Security SAS Analysis & Advisory team is in charge of the security prevention area, being responsible for supporting IT and the business by assisting on the build of a strong line of defense, as well by detecting security issues beforehand, through conducting technical activities aimed at preventing cyber security incidents, ensuring the implementation and verification of cyber security controls making sure that those are fully harmonized with the company security policies and guidelines, by perform risk analysis, as well security advisory consultancy on a wide variety of information security topics and domains.

You have:

Solid and proven technical expertise in one or more multiple cyber security domains, such as (non-exhaustive) endpoint security, application security testing, ERP, and cloud security. Strong knowledge and experience in public cloud solutions (multi-cloud environments). Practical knowledge on network security, networking concepts and architectural implementations. Practical knowledge on vulnerability testing and capability to define proper remediations. Practical knowledge on application, database, and infrastructure security, having a strong understanding on ERP / SAP systems and how to secure them. Minimum of 2 years of relevant professional experience. Proficiency in English.

It would be nice if you also have:

Degree or master’s degree in Computer Science, Information Systems, Cyber Security, Information Assurance, Information Security, or related technical field. One or more of the following cyber security certifications: CISSP, CCSP, CRISC or GCP Cloud Security Engineer. Attention to detail, excellent problem solving, and follow-up skills are required. Ability to convey technical security concepts to non-technical audiences. Strong technology insight with a full appreciation on how technology can enable positive business transformation.

As part of our team, you will:

Perform security assessments and security audits on either new or existing solutions, for both IT and business groups, as well on other activities such as divestitures, solution analysis and focused assessments, following a secure by design approach. Translate security strategies into security requirements and use cases, as well operational requirements (threat modeling, alerting rules…). Perform security risk analysis and risk management. Perform web application security testing and vulnerability assessments. Provide security consulting and advisory for Nokia IT, Nokia Business Groups and Corporate Functions, supporting them on becoming compliant against Nokia Security Policies. Validate security controls proposed by Nokia technical teams and / or Nokia suppliers. Collaborate with all Group Security teams and other key stakeholders (such IT or business teams) during solution validation and user acceptance testing. Act as contact point for Group Security community on assigned topics and support your peers when being consulted on a broad spectrum of security solutions. Provide feedback to suppliers and propose actions to mitigate any solution shortcomings