Strategy and Technology lays the path for Nokia’s future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company’s strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.
Part of Strategy & Technology, Group Security is Nokia’s central knowledge center responsible for Nokia’s cyber security policies and standards, the cyber security architecture and roadmap, and the monitoring, alerting of security incidents. We partner with the Nokia Business Groups and Central Functions on product security, customer security, and interact with governments on security regulations. Together we take care of Nokia’s security culture, processes, systems, products and services to position Nokia as a trusted partner for the 5G era and beyond.
You have:
Three to five years of security architecture experience, including auditing, security compliance testing, project risk management, security, or other internal controls. Solid & demonstrated experience in organizing teams, establishing priorities, and leading IT- & Business-related security projects. Able to work independently as well as in a team in a fast-paced environment and with demonstrated track record for completing work in a timely and organized fashion. Able to facilitate good stakeholder management in business or IT projects is a must, including outstanding written, verbal, and oral communication skills. Solid knowledge of current and future (information) security technologies, including business processes, data, applications, and network and systems infrastructure. This role acts in a transformational environment from traditional IT to digital cloud-based. Developments, in a variety of DevOps & agile structures. In depth understanding of these technologies and development methodologies is essential Experience in the design, implementation, and administration of multi-cloud security testing environments such as Azure, GCP, and/or AWS Capable of modeling threats & risks using standard frameworks (MITRE, STRIDE, Kill-Chain,…) Being familiar with NIST standards and other relevant security frameworks Good scripting knowledge (such as Java, C, python, PowerShell, Ansible) Relevant security certifications (CISSP, CISM, CEH, GPEN, OSCP) are considered as a plus.You are:
Passionate about technology and information security Strong and creative problem-solving abilities Highly self-motivated and self-directed Comfortable in fast-paced, ever-changing environments with ability to successfully translate diverse and complex ambiguities into actionable plans A team player – even when working in a virtual team – with a strong customer focus Ability to effectively prioritize and execute tasks in a high-pressure environment. Be convincing – including when working with remote teams Pro-Active – don’t await taking action when identifying a security needWilling to travel in line with the requirements of the role.
In today’s digital world, many corporate organizations have become dependent on thousands of systems that conduct multiple business critical functions (sales reporting, financial reporting, supply chain, manufacturing, managed service operations, etc…). The protection of those systems and their operational environments is paramount to the success of any organization.
The selection & implementation of security & privacy controls on business critical assets within Nokia is an important task, which can have implications on the operations and assets of Nokia. Understanding the overall threat landscape for those security & privacy controls is essential in determining the risk to the organization’s operations and assets resulting from the use of the system.
If you are passionate about the potential threat landscape targeting multi-national corporations like Nokia and want to understand & support Nokia Group Security Teams to detect & eventually remediate those threats, then this is your opportunity to become Security Architect at Nokia Group Security.
You will become part of the Security Architecture & Solutions (SAS) team, wherein you will join the Application Security Architecture teamTeam, you will.
In your role as Security Architect, you will:
Identify & understand Nokia’s threat landscape and main security risks using several Threat Intelligence Sources as well as support various IT & Business Digitalization Programs Define the target security solution architecture and corresponding security architecture requirements remediating the identified threats, vulnerabilities, and security risks. Technically define, test & validate security controls integrated into IT & Business Digitalization Programs Technically assess & vet (new) Nokia Solution Offerings (CNS SaaS, NDAC, RXRM, AIMS,…) and provide recommendation on how to effectively further harden these solutions. Support various Nokia IT & BG teams in advising on security best practices to ensure that Nokia’s critical assets & data always remain fully protected & secure (support in new supplier contract negotiations, support on merger & acquisitions activities, etc…). Act as Trusted Security Advisor towards your peers and other Nokia stakeholders in S&T, BG’s and other central functions across various security domains (Zero Trust Network Architecture, evolution to IPv6, IAM, secure Network & Application Segmentation, cloud & network security, application security, AI technologies, Software Security, Security Automation, Data Security, BC/DR & Cyber Resiliency, malicious attack types & penetration testing techniques…) Detect security flaws in existing digital solutions and provide recommendations on how to overcome these findings in a secure and cost-efficient manner by performing pro-active security architecture assessments and by staying abreast of new attack tactics and techniques. Define & introduce new innovative security solutions into Nokia’s Corporate Infrastructure. This effort encompasses activities like strategic solution thinking, solution budgeting, solution presentations, solution design, solution testing & validation, solution delivery.