Join us in creating the technology that helps the world act together
We are a B2B technology innovation leader pioneering the future where networks meet cloud. At Nokia you will have a positive impact on people’s lives and help build the capabilities needed for a more productive, sustainable, and accessible world.
Be part of a culture built on an inclusive way of working where we are open to your ideas, you are empowered to take risks and are encouraged to be fearless in bringing your authentic self to work.
The team you'll be part of
Strategy and Technology lays the path for Nokia’s future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company’s strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.
Part of Strategy & Technology, Group Security is Nokia’s central knowledge centre responsible for Nokia’s cyber security policies and standards, the cyber security architecture and roadmap, and the monitoring, alerting of security incidents.
We partner with the Nokia Business Groups and Central Functions on product security, customer security, and interact with governments on security regulations.
Together we take care of Nokia’s security culture, processes, systems, products and services to position Nokia as a trusted partner for the 5G era and beyond.
Soft skills (non-exhaustive)
Problem solving attitude Adaptability Work organization / structuring Capability to prioritize Collaborative attitude Natural authority, not afraid to speak up Able to deal with complex, technical challenges Break down abstract problem statements into smaller, more actionable, investigation or development requirements
Hard skills/Technical (non-exhaustive)
Strong knowledge in the Microsoft security portfolio (e.g. Defender) is a big plus Willing to learn new technologies (e.g. SOAR) Knowledge of and experience with Agile Development Concepts is a big plus Able to support technical deep-dives while maintaining the e2e-perspective Knowledge or experience on the domains listed hereunder are a key plus for the role: Good programing/scripting skills (knowledge of Python, PowerShell and KQL); Knowledge of Microsoft Azure, Azure Sentinel, Azure Log Analytics, AWS and GCP platforms Security Logging and Log Management Software Whitelisting Operations Vulnerability Scanning and Assessments Anti-malware and anti-spam (high touch point to executives and common attack vectors) Network Firewall and VPN DLP Proxy Management NIDS/NIDP HIPS Routing and LAN switching Server management (Wintel and UX) Monitoring, logging & security event correlation techniques Data analytics technologies & methodologies Advanced reporting techniques (e.g. PowerBI)
It would be nice if you also have:
Certified Ethical Hacker – EC Council (CEH) Certified Computer Forensics Examiner (Access Data, SANS) Certified Information Security Systems Professional (CISSP) Certified Cloud Security Professional (CCSP) Certified Information Systems Manager (CISM) Certified in Information Systems Risk Management (CRISC) or the ability to work toward obtaining the above certifications.What you will learn and contribute to
For this position you’ll be part of Group’s Security Cyber Defense Center (CDC) working as a Security Engineering Professional in the CDC Engineering team.
As part of our team, you will actively support the specification, implementation and maintenance of the tools and systems required to support Cyber Defense Center (CDC) operations. In scope of the activities are the set-up, extension and maintenance of the Security Information and Event Management (SIEM) solution, the implementation and maintenance of the respective security alerting rules, keeping the logging infrastructure at scale and performant, maintain an effective Threat Intelligence platform and integrations, enable Security Orchestration, Automation and response (SOAR) with the respective automation playbooks, etc.
Above activities should be done in a cost effective and innovative way bringing value to the Business Groups / Central Functions & Digital Office teams through simplification, standardization and homogenization.
The Key accountabilities for this role include:
Develop and maintain the tool and system configurations to have an effective set of Cyber Defense operations;Interact with internal delivery teams to create new integration and security monitoring/detection capabilities with Cyber Defense Center;Collaborate with the CDC SOC Analyst in implementing use cases that leverage existing tools to enable automation and improve security incident detections;Identify use cases that leverage existing tools to enable automation;Work to identify security integration strategies;Create reusable and efficient Automation Playbooks;Implement and deliver continuous improvement in the automation Playbooks for security indecent response and Security Compliancy verifications. This role also includes supporting the definition of requirements that enable new and innovative integrations with additional tools and systems;Master the security equipment’s, relevant tools and optimize the configurations;Train and mentor security operational teams;Partner with Security Operations and Architecture teams, Threat intelligence experts, CERT and other Digital Office and Business Group Stakeholders;Actively participate in the Security Community as a SME, presenting in forums, both online and at conferences.Research security enhancements and make recommendations to management;Stay up to date on information technology trends and security standards.