SOC Analyst

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people's lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.

We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work.

Strategy and Technology lays the path for Nokia's future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company's strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.

Part of Strategy & Technology, Group Security (GS) is Nokia's central knowledge center responsible for Nokia's cyber security policies and standards, the cyber security architecture and roadmap, and the monitoring, alerting of security incidents.

We partner with the Nokia Business Groups and Central Functions on product security, customer security, and interact with governments on security regulations.

Together we take care of Nokia's security culture, processes, systems, products and services to position Nokia as a trusted partner for the 5G era and beyond

The Cyber Security Defense Center (CDC) is looking for a new profile taking up responsibilities in the Operations Team. As the Security Operations Center (SOC) Analyst, you will be tasked with the execution of incident response, investigative analysis of security incidents, reporting, continuous improvement, and post incident activities. You will collaborate with the CDC Engineering Team, with the internal Nokia teams, external Security Suppliers and various technology vendors.

What you will learn and contribute to

• L1 and L2 SOC activities like monitor, triage, investigate, and respond to suspicious activity across all company assets.
• Perform log analysis, register and document support alerts and response activities
• Use a combination of manual and automated tools to analyze various data sets
• Help stakeholders to determine the best course of action to remedy the problem
• Assist the CERT (Computer Emergency Response Team) with root cause analysis of simple and more complex security issues
• Collaborate with the SOC Engineer in identifying use cases that leverage existing tools to enable automation and improve detection.
• Actively participate in our goal to continuously improve the way we work; identify improvement areas on our technology, process, and techniques to enhance our detection and response capabilities
• Interface with other Group Security teams and assist with general IT security as required
• Contribute to ensure the ongoing objectives of the CDC are accomplished and measurable.
• Work with Nokia IT teams
• Work with the Nokia's Business Groups for security incidents in their environments
• Work closely with the Nokia Group Security team for improvements and assessment of new technologies and practices
• Contribute to Threat Hunting Activates by supporting the definition of hunting test cases

Your skills and experience

You have:

• BSc or MSc degree (preferred) in computer science with relevant industry certifications (SSCP, SANS, OSCP etc.)
• Minimum of 2 years working in security practices (SOC experience preferred)
• Familiar with DevOps
• Scripting skills (knowledge of KQL , PowerShell and Python)
• Knowledge of the following technologies is required: Microsoft Azure, Azure Sentinel
• English proficiency
• Team-oriented personality

It would be nice if you also had:

• Understanding of the incident response lifecycle at both technical and procedural level
• Experience performing incident response in the following technologies are preferred: Azure Sentinel, Azure log analytics, Symantec EDR, Microsoft Defender, FortiGate, Kibana and Carbon Black
• Ability to solve problems using scripting and automation
• Understanding of IT fundamentals across networking, system, and application layers, including knowledge on hardware, software, networks, and data centers
• Knowledge of office productivity tools (O365), ERP and CRM Systems (e.g. SAP, Ariba, Salesforce)
• Knowledge of Public Cloud Environments (GCP, MS Azure, AWS)
• Practical knowledge on vulnerability testing & the capability to define mitigations
• Practical knowledge of application and database security / ethical hacking
• Capable of performing stand-alone penetration tests
• Interest in developing knowledge in other security related areas and domains
• Interest in obtaining Cyber Security certifications: CEH, CISSP, CCSP and other vendor specific certifications.

Nokia offers flexible and hybrid working schemes, continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs, and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

- One of the World's Most Ethical Companies by Ethisphere

- Gender-Equality Index by Bloomberg

- Workplace Pride Global Benchmark

- LGBT+ equality & best place to work by HRC Foundation

At Nokia, we act inclusively and respect the uniqueness of people.

Nokia's employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.

We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.