Security Assessment Expert

**Come create the technology that helps the world act together**

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.

We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work.

**The team you’ll be part of**

As Nokia's growth engine, we create value for communication service providers and enterprise customers by leading the transition to cloud-native software and as-a-service delivery models. Our inclusive team of dreamers, doers and disruptors push the limits from impossible to possible.
- You’ll join the fast growing organization Managed Security Services, leading the Security Services delivered by Nokia and dedicated to secure critical infrastructure against modern day security threats, including disruptive technologies such as Cloud, IoT, virtualization, 5G, etc.
- The Product Line is thus responsible for many activities, such as conceptualization of products, identification of target addressable market, planning & budgeting, business case development, writing customer value proposition and go-to-market strategy, development of sales/pre-sales capability, pushing marketing initiatives, organising delivery models & readiness including program for capability development, incubation of products, market launch, sustenance & growth management as well as P&L governance.
- As part of Managed Security Services Product Line, you’ll be able to get involved in these tasks and contribute to the success of this business.

**What you will learn and contribute to**

**Job summary**

Nokia is looking for a security assessment expert to lead, coordinates, communicates, integrates, and be accountable for the overall success of the Vulnerability Management (Infra and Application) and audit and compliance activity. This includes conducting risk assessments, researching and evaluating new and existing security solutions, implementing security policies and procedures, and providing technical guidance to other teams.

**Main Responsibility Areas**:
**Subject matter expertise (20%)**:

- Ensure a technological watch and competitive analysis on existing commercial and open-source VA tools, also, with the latest container security, multi-vendor vulnerability management,

**Pre-sales support (40%)**:

- Provide a support to pre-sales’ technical inquiries, assess the customers’ requirements, design technical and business-sound solutions, and attend customers’ meetings to provide technical clarifications and presentations (possibly requiring travelling).
- Providing technical guidance and expertise on VM reports, conduct Proof-of-concept for customers and suggest on best technology.

**Products development (40%)**:

- Develop practice and service blueprint around VM, SCM, and AppSec Management as a service.
- Work closely with product vendors and partners to select and assess new security products, follow-up on their features’ roadmaps and provide a support to product management’s technical inquiries.
- Design, build, implement and test VM, SCM, and AppSec Management solutions for complex IT and Telecom infrastructures.
- Create technical documentations, presentations and deliver competence development materials and trainings to relevant key stakeholders.

**Your skills and experience**

**Technical Competencies**:

- Minimum 5 years of experience in a security role, with a focus on VM security with Certifications such as CISSP, CEH, CCSP, CSSLP, etc.
- Hands-on experience with security scanner tools like Tenable, Qualys, Nmap etc.

**Soft Skills**:

- High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
- Strong communication skills, with the ability to explain complex security concepts to non-technical audiences.
- Strong project management skills, with the ability to lead and manage penetration testing projects.
- Must be a critical thinker, with strong problem-solving skills.

**Nice to Have**:

- Experience with DAST and SAST AppSec tools is a plus.
- Experience with cloud infrastructure and security is a plus.
- Knowledge of security compliance frameworks, such as PCI DSS, HIPAA, and NIST.
- Knowledge of network security architecture concepts and principles (e.g., defense-in-depth).

**What we offer**

Nokia offers flexible and hybrid working schemes, continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

**Nokia is committed to inclusion and is an equal opportunity e