Cyber Security Architect

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people's lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.

We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work.

The team you'll be part of

As Nokia's growth engine, we create value for communication service providers and enterprise customers by leading the transition to cloud-native software and as-a-service delivery models. Our inclusive team of dreamers, doers and disruptors push the limits from impossible to possible.

You'll join the fast growing organization Managed Security Services, leading the Security Services delivered by Nokia and dedicated to secure critical infrastructure against modern day security threats, including disruptive technologies such as Cloud, IoT, virtualization, 5G, etc.

The Product Line is thus responsible for many activities, such as conceptualization of products, identification of target addressable market, planning & budgeting, business case development, writing customer value proposition and go-to-market strategy, development of sales/pre-sales capability, pushing marketing initiatives, organizing delivery models & readiness including program for capability development, incubation of products , market launch, sustenance & growth management as well as P&L governance.

As part of Managed Security Services Product Line, you'll be able to get involved in these tasks and contribute to the success of this business.

What you will learn and contribute to

Job summary

Nokia is looking for a technically sound cyber security architect to lead the design, build, implementation and testing of security architectures, systems and services for complex IT and Telecom environments. To be successful the security architect should have a strong understanding of information security, risk management, security architecture, network security & protocols, identity & access management, data security and security operations.

Main Responsibility Areas:

Security Architecture and Solutioning (60%):

• Act as the lead security architect to design end-to-end cyber security architectures, solutions and services for complex IT and Telecom projects, including several of these security domains:
  • Governance, risk and compliance (GRC) solutions and services, such as vulnerability management, penetration testing, application security management, etc.
  • Security infrastructure management solutions and services, such as firewall, public key infrastructure, anti-DDOS, etc.
  • Managed detection and response solutions and services, such as security information and event management (SIEM), security orchestration, automation and response (SOAR), endpoint detection and response (EDR), extended detection and response (XDR), cyber threat intelligence (CTI), etc.
  • Cloud security solutions and services, such as CASB (Cloud Access Security Broker), CWPP (Cloud Workload Protection Platform), CSPM (Cloud Security Posture Management), CNAPP (Cloud Native Application Protection Platform) and DLP (Data Loss Protection).
• Ensure a technological watch and competitive analysis on new security products, 3GPP security requirements (e.g., 4G, 5G, etc.), ITU-T x.805, ISO27001, NIST, etc.
• Work closely with product vendors and partners to select and assess new security products, follow-up on their features' roadmaps and provide a support to product management's technical inquiries.

Pre-sales support (40%):

• Provide a support to pre-sales' technical inquiries, assess the customers' requirements, design technical and business-sound solutions, and attend customers' meetings to provide technical clarifications and presentations (possibly requiring travelling).
• Analyze organizations' IT and Telecom security requirements, measures and weaknesses, and recommend enhancements.
• Perform review & analysis with stakeholders to help establish the lessons learnt, create & update new/existing processes & procedures to mature the security operations services & support.

Your skills and experience

Technical Competencies:

• Masters or bachelor's degree in computer science or related field such as cyber security.
• A minimum of 10 years of relevant experience in a combination of risk management, security, and operations technology job positions.
• Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
• Knowledge of computer networking concepts and protocols, and network security methodologies.
• Knowledge of network security architecture concepts and principles (e.g., application of defense-in-depth).
• Ability to apply an organization's goals and objectives to develop and maintain secure architecture.

Soft Skills:

• High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
• High degree of initiative, dependability, and ability to work with little supervision while being resilient to change.
• Excellent written and verbal communication skills, interpersonal and collaborative skills.
• Must be a critical thinker, with strong problem-solving skills.

Nice to Have:

• Professional security management certifications are highly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Computer Hacking Forensic Investigator (CHFI), and any SIEM related certification (e.g., Splunk, ArcSight or Q-Radar) certification.
• Knowledge on Telecom communications technologies and architectures (Core and/or RAN), Telecom security protocols, 3GPP security requirements and related standards.
• Experience in developing SIEM use cases, Threat hunting, Forensics solutions, as well as successfully executing programs that meet the objectives of excellence in a dynamic business environment
• Knowledge of Vulnerability Management, Penetration Testing principles, Secure configuration and Application Security tools, and techniques.
• Knowledge and understanding of relevant legal and Telecom regulatory requirements, e.g., Country specific telecom security conditions, CII (Critical Information Infrastructure) regulations, etc.

What we offer

Nokia offers flexible, hybrid and #LI-Remote working schemes, continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Company Culture: We believe our people are our greatest asset and we aim to foster a fun, challenging, positive, and inclusive work environment. We offer 1-on-1 mentorship, learning and development opportunities, global impact and interaction, and flexible work/life balance.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World's Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark
• LGBT+ equality & best place to work by HRC Foundation

At Nokia, we act inclusively and respect the uniqueness of people.

Nokia's employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.

We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.