Product L4 Security Assurance Lead

As a lead, you will be responsible for managing and resolving high-priority security incidents for key customers of Nokia's IMS products. You will serve as the central point of contact, ensuring support, technical responses, and resolutions from the Engineering team to address security incidents and vulnerabilities. Your role involves coordinating across functional teams to ensure timely and effective resolution.

Additionally, you will lead proactive engagements within the Engineering team to implement security practices and ensure timely corrections in the delivered software. You will drive process improvements to minimize future escalations and maintain a high level of customer satisfaction during critical incidents.

Leads the assurance of resolution on customer reported Security Incidents, and/or Security Issues, and/or Security vulnerabilities.

• Be the SLA guardian on Security tickets raised from the Voice Core solution.
• Ensures the timely resolution and the mandatory SLA/OLA are met on Security related tickets raised from the Voice Core solution used in the customer networks.
• Ensures the proactive methods on the Voice core solution portfolio in various customers, to ensure the Security hardening before the software is released to customer premises.
• Integrate Security Requirements: Implement public cloud platform security requirements into Nokia's Design for Security (DFSEC) and Security Vulnerability Management (SVM) process.
• Threat Evaluation: Assess infrastructure for potential threats, security vulnerabilities (CVE Analysis) and their impact using vulnerability databases.
• Expert Guidance: Guide R&D teams to align products with DFSEC requirements and collaborate with Product Security experts to keep methodologies current.
• Knowledge Leadership: Stay updated on emerging security trends, tools, and cloud/infrastructure security research.
• Communication and Advocacy: Present security improvements internally and create materials to showcase Nokia's container security approaches to various audiences.
  

• Experience: 9+ years in software development or testing within Telecommunications Networks, with expertise in cloud-native design and development.
• Cloud-Native Proficiency: Skilled in Microservices, Containers (Docker, Kubernetes, Helm), Virtualization, and Open-Source Integration (e.g., Apache Tomcat, Wildfly), with exposure to Agile methodologies.
• Security Expertise: Experienced in vulnerability assessment, CVE analysis (CVSS standard framework), security tests (e.g., Blackduck, Tenable, Anchore, NMAP), secure protocols (TLS, DTLS, SSH), and encryption methodologies. And cipher management.
• Strong ability to investigate, analyze, and respond to security incidents.
• Experience with Incident Response processes (e.g., triaging alerts, containment, eradication, and recovery).
• Security Leadership: Knowledgeable in Design for Security & Privacy, SOC management, Threat & Risk analysis, Security hardening, and Secure DevOps practices.
• Hands-on capabilities in Cloud Security, and DevSecOps.
• Able to work independently and in a team in a fast-paced environment and with a demonstrated track record for completing work in a timely and organized fashion.
• The ability to facilitate good stakeholder management in business or IT projects is a must, including outstanding written, verbal, and oral communication skills.

It will nice if you also had:

• Familiar with RFI/RFQ/RFP processes
• Security certifications are an advantage.

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people's lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer

Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World's Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark

• Corporate Retirement Savings Plan
• Health and dental benefits
• Short-term disability, and long-term disability
• Life insurance, and AD&D - Company paid 2x base pay
• Optional or Supplemental life and AD&D insurance (Employee/Spouse/Child)
• Paid time off for holidays and Vacation
• Employee Stock Purchase Plan
• Tuition Assistance Plan
• Adoption assistance
• Employee Assistance Program/Work Life Resource Program