Cyber Security Architect

**Come create the technology that helps the world act together**

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.

We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work.

**The team you’ll be part of**

As Nokia's growth engine, we create value for communication service providers and enterprise customers by leading the transition to cloud-native software and as-a-service delivery models. Our inclusive team of dreamers, doers and disruptors push the limits from impossible to possible.

Joining the Managed Security Services product line responsible for leading the Security Services delivered by Nokia, you'll participate in a fast growing organization with various missions, dedicated to secure critical infrastructure against modern day security threats, including disruptive technologies such as Cloud, IoT, virtualization, 5G, etc.

**What you will learn and contribute to**

**Job summary**

Nokia is looking for a technically sound cyber security architect to lead the design, build, implementation and testing of security architectures, systems and services for complex IT and Telecom environments. To be successful the security architect should have a strong understanding of information security, risk management, security architecture, network security & protocols, identity & access management, data security and security operations.

**Main Responsibility Areas**:

- Act as the lead security architect to design end-to-end cyber security solutions and services for complex IT and Telecom projects, including:

- Security infrastructure management solutions and services, such as firewall, public key infrastructure, anti-DDOS, etc.
- Managed detection and response solutions and services, such as security information and event management (SIEM), security orchestration, automation and response (SOAR), endpoint detection and response (EDR), extended detection and response (XDR), cyber threat intelligence (CTI), etc.
- Cloud security solutions and services, such as CASB (Cloud Access Security Broker), CWPP (Cloud Workload Protection Platform), CSPM (Cloud Security Posture Management), CNAPP (Cloud Native Application Protection Platform) and DLP (Data Loss Protection).
- Ensure a technological watch and competitive analysis on emerging commercial and open-source security products and attend international conferences and events.
- Ensure a technological watch on emerging 3GPP security requirements (e.g., 4G, 5G, etc.), ITU-T x.805, ISO27001, NIST, MITRE ATT&CK framework, and related standards.
- Work closely with product vendors and partners to select and assess new security products, follow-up on their features’ roadmaps and provide a support to product management’s technical inquiries.
- Provide a support to pre-sales’ technical inquiries, assess the customers’ requirements, design technical and business-sound solutions, and attend customers’ meetings to provide technical clarifications and presentations (possibly requiring travelling).
- Analyze organizations’ IT and Telecom security requirements, measures and weaknesses, and recommend enhancements.
- Design, build, implement and test cyber security architectures, systems and services for complex IT and Telecom environments.
- Develop incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event
- Perform review & analysis with stakeholders to help establish the lessons learnt, create & update new/existing processes & procedures to mature the security operations services & support.
- Identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.
- Improve scoring and grading metrics for effectiveness of continuous monitoring program.
- Participate in security governance process to provide security risks, mitigations, and input on other technical risks.
- Identify and anticipate system/server performance, availability, capacity, serviceability, recoverability, or configuration problems.
- Create, update & design security services product and new services.
- Support in providing regular reporting of the security program to customer security teams and leaders

**Your skills and experience**

**Key Competencies**:

- Masters or bachelor’s degree in computer science or related field such as cyber security.
- A minimum of 10 years of relevant experience in a combination of risk management, security, and operations technology job positions.
- Professional security management certifications are highly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security