Role Description

The Security Lead will be responsible for the end-to-end coordination of implementation and maintenance of security controls in accordance with corporate policies and programs. The main area of accountabilities cover defining and implementing Supply Chain security strategies and best practices. The role will centralize efficiency validation of compliancy programs implemented by all SC units & work with a virtual team of security SPoCs in each SC unit.

 

Team leading experience min 6+ years as team coordinator and/or program managerVery good technical background related with creation and execution application and infra vulnerabilities management and penetration testing programsGood understanding implementation and maintenance mechanism of information security management systemsAbility to perform security requirements capture and analysis with a working ability to identify architecturally significant requirements and their ramifications.3+ years’ experience in hands-on technical security control architecture & design, InfoSec Operations reportingPractical experience in implementation and maintenance of data privacy management systemsWorking knowledge of Business Continuity ManagementTechnology Risk ManagementGap assessment for new technology, analytical skills allow to discover new type of threats and risk for information processing systemsGood understanding of computer information operates environment (application, OS, network) processesKnowledge related with Information Security on ISC2 security foundation levelUnderstanding on working with quality management standardsPractical knowledge related with ITIL Information Security areaExcellent communications and documentation skills in EnglishPractical project management skills confirmed by working experience,Ability of easy communication in English in international environment

You will:

Lead identification & mitigation of security & privacy risks in supply chainDefine the security & privacy strategy and execute the implementation (incl. information & application security)Lead incident management in case of a security or privacy breachImplement & monitor the compliance to critical regulations and standards (e.g. CRA, NIS2, GDPR, ISO27k,…)Lead virtual team of security, privacy, and compliancy experts across Mobile Networks Supply Chain internally and externally with our partnersClosely collaborate with Nokia Group Security, Group Privacy and Mobile Networks security & privacy teams