🌎
This job posting isn't available in all website languages

For Nokia Internal Employee access Log in here

Join us at Nokia to connect the world

Search jobs

Security Architecture and Technology Expert

📁
Corporate Services
💼
CNS Cloud and Network Services
📅
210000023M Requisition #
 
 
Job Description
 
Subject Matter Expert in areas of Security Techology acting as Security Advisor .Ensures Security Infrastructure, Applications, Data security, Identity & Access management solutions lifecycle administration and management activities are effectively delivered and enhanced for future.
 
Main Responsibility Areas:
  • Security process lifecycle management
  • Security technologies integrations
  • Security in Business continuity & Resiliency Management
  • Data protection & Privacy
 
Job Responsibilities & Competencies

Main Responsibility Areas:

  • Technical expertise & guidance
  • Managed detection and response
  • Threat modelling & Use case
  • Threat Intelligence & Threat hunting
  • Investigation and Digital Forensics

Key Tasks

  • Implement and ensure timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities. (Internal & external threat environment)
  • Define and implement event correlation using information gathered from a variety of sources to gain situational awareness and determine the effectiveness of an observed attack.
  • Develop & deploy security automation & response, threat intelligence & hunting capabilities
  • Develop incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event
  • Perform review & analysis with stakeholders to help establish the lessons learnt, create & update new/existing processes & procedures to mature the security operations services & support.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets
  • Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.
  • Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
  • Identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
  • Improve scoring and grading metrics for effectiveness of continuous monitoring program.
  • Responsible for setting up and maintaining security systems or specific components of a system (e.g. installing, configuring, and updating system; establishing and managing user accounts; overseeing or conducting backup and recovery tasks; implementing operational and technical security controls; and adhering to organizational security policies and procedures).
  • Participate in security governance process to provide security risks, mitigations, and input on other technical risks.
  • Identify and anticipate system/server performance, availability, capacity, serviceability, recoverability or configuration problems.
  • Design group policies and access control lists to ensure compatibility with organizational standards, business rules, and needs.
  • Ensure documentation of systems administration standard operating procedures.
  • Ensure implementation of baseline system security according to organizational policies.
  • Plan & verify data redundancy and system recovery procedures.
  • Create, update & design security services product and new services.
  • Support in providing regular reporting of the security program to customer security teams and leaders
  • Understand and interact with related disciplines to ensure the consistent application of policies and standards across the Security Infrastructure Management Services,
  • Determine the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of risk areas.
  • Perform review & analysis with stakeholders to help establish the lessons learnt, create & update new/existing processes & procedures to mature the Security Infrastructure Management Services.
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Facilitate security risk, legal and regulatory assessments, including the reporting and oversight of treatment efforts to address negative findings.

Key Competencies:

  • Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Knowledge of malware analysis concepts and methodologies.
  • Ability to design incident response and handling methodologies for network & cloud service models.
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
  • Excellent stakeholder management skills
  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity
  • High degree of initiative, dependability and ability to work with little supervision while being resilient to change
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels
  • Proven track record and experience in developing SIEM use cases, Threat hunting, Forensics solutions, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations
  • Must be a critical thinker, with strong problem-solving skills
  • Knowledge and understanding of relevant legal and regulatory requirements e.g. Country specific telecom security conditions, CII (Critical Information Infrastructure) regulations etc.
  • Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
  • Skill in conducting system/server planning, management, and maintenance.
  • Skill in implementing, maintaining, and improving established network security practices.
  • Skill in configuring and utilizing network protection components and software-based computer protection tools (e.g., Firewalls, VPNs, NIPS, HIDS, antivirus etc.).
  • Ability to apply an organization's goals and objectives to develop and maintain secure architecture.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of Vulnerability Management, Penetration Testing principles, Secure configuration and Application Security tools, and techniques.
  • Knowledge of network security architecture concepts and principles (e.g., application of defense-in-depth).
  • Knowledge and understanding of relevant legal and regulatory requirements e.g. Country specific telecom security conditions, CII (Critical Information Infrastructure) regulations etc.
Qualifications
  • 3-5 years of relevant experience in a combination of risk management, security and operations technology jobs
  • Professional security management certification is desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Computer Hacking Forensic Investigator (CHFI), Any SIEM (Splunk, ArcSight or Q-Radar) certification

Key Interfaces:

  • Customer Security Team
  • Customer Care (or equivalent)
  • Security Operations
  • 3rd Party Security services & product suppliers

Key Performance Measures:

  • Customer Satisfaction
  • Security operations SLA & KPI’s
  • Use case development
  • SoW Adherence
 
Working with us, you will have a positive impact on people’s lives and help to overcome some of the world’s most pressing challenges. We act inclusively and respect the uniqueness of people. At Nokia, employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. Nokia culture welcomes people as their true selves.
 
 

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions
Life at Nokia
Explore Employee Blogs
We create the technology to connect the world

Stay in touch with us through our social media channels:

Follow us on Facebook
Follow us on LinkedIn
See us on Glassdoor
Follow us on Twitter

Similar Listings

CNS Cloud and Network Services

Lannion, France, France

📁 Corporate Services

Requisition #: 2100000273

CNS Cloud and Network Services

Lannion, France, France

📁 Corporate Services

Requisition #: 210000023I

CNS Cloud and Network Services

Lannion, France, France

📁 Corporate Services

Requisition #: 210000023F

Teams at Nokia

See all jobs

Research & Development

See new jobs

Market & Sales development

See new jobs

Corporate services

See new jobs
Nokia is an equal opportunity employer that is committed to diversity and inclusion. At Nokia, employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.