We create thetechnology to connect the world. Powered by the research and innovation ofNokia Bell Labs, we serve communications service providers, governments, large enterprisesand consumers with the industry's most complete, end-to-end portfolio ofproducts, services and licensing.
We adhere to the highest ethical business standards as we create technologywith social purpose, quality and integrity. Nokia is enabling theinfrastructure for 5G and the Internet of Things to transform the humanexperience.
The vision of NokiaIT is to be a trusted business partner delivering value for Nokia. Inline with this, Nokia IT follows three strategic pillars : to Simplifyvia integration and standardization;
to Enable the business as a strongbusiness partner; to Partner to develop internal competence and establishNokia’s digital platforms.
Nokia IT Cyber Security has a mission the protection of Nokiadata and IT assets by employing a range of technologies and processes toprevent, detect and manage cyber threats.
In order to sustain that evolvinglandscape, new capabilities need to be introduced or created . We areaddressing this by setting up a new CyberSecurity Defense Center.
Within Nokia IT Cyber Security Defense Center ,the Analysis & Advisory team isresponsible for anticipating cyber security threats by promoting asecurity-by-design framework for the Nokia IT activities.
The Cyber Security Analysis & Advisory team is looking for a Security Analyst in charge of thesecurity prevention area. The Security Analyst will conduct technicalactivities aimed at preventing cyber incidents, by ensuring implementation andverification of cyber-security controls in line the company security processesand policies, provide risk analysis and provide advisory consultancy on a widevariety of information security issues, concerns, and problems.
Part of its role, the Security Analyst is expected to :
Assess projects, IT changes and other type of activities for compliance with the Nokia security policies
Perform security audits and assessments on new or existing solutions and other project types such as acquisitions and divestitures
Perform Security Risk Analysis and Assessments
Offer security expertise in line with the latest threats knowledge
Perform Vulnerability and Penetration Testing
Provide security consulting for Nokia IT and Nokia Business Groups and Corporate Functions and supporting them in becoming compliant with the Nokia Security Policies
Validate security controls proposed by Nokia technical teams or Nokia suppliers
Create a close relationship with the Business Groups, IT community and suppliers’ counterparts
Drive a cultural change around Cyber Security
Contribute to projects and changes in accordance to our corporate processes
Understand the actual security posture and threats of the company
Identify security needs of the company, assess solutions, make suggestions for improvement
Education - Master’s degree in computer science or related technical field.
Experience - Minimum of 2 years of relevant professional experience required.
Certifications - One or more of the following certifications is highly preferred : CEH, CISSP, CCSP, CRISC, CISA, ECSA, MCSE, etc.
Other Skills :
Strong technology insight with a full appreciation of how technology can enable positive business change
Knowledge of office productivity tools (e.g. O365), ERP and CRM Systems (e.g. SAP, Ariba, Salesforce) Public Could solutions (Azure, AWS, Google Cloud)
Strong IT skills including knowledge on hardware, software, networks, and data centers.
Practical knowledge of network security, networking concepts and architectural implementations
Practical knowledge on vulnerability testing & the capability to define mitigations
Practical knowledge of application and database security / ethical hacking desirable
Capable of performing stand-alone penetration tests desirable
Interest in developing knowledge in other security related areas and domains
Attention to details, excellent problem solving and follow-up skills required
Team player - Excellent relationship with stakeholders
Capable to work with IT outsourcing partners
Ability to convey technical security concepts to non-technical audience
Compliance, Assurance and Security expertise at an enterprise and global scale
Proficient in English