Senior Cloud Security Engineer (SecDevOps)
Come create the technology that helps the world act together
Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work.
About Cloud & Network Services
Cloud and Network Services is a leading Nokia business group that offers Network solutions on Core, Business and Enterprise segments, as well as Cloud solutions and Cognitive Services. It is a newly formed business group, that includes most of the former Nokia Software business, Nokia’s enterprise solutions, core network solutions including both voice and packet core, and managed and advanced services from its former Global Services unit. This unit will also act as a delivery channel of certain products from other business groups to enterprise customers. Cloud and Network Services (CNS) will target growth by leveraging the industry transition to cloud-based delivery, network-as-a-service business models, and software-led value creation.
About Nokia CNS SaaS
While SaaS is on fire in the general marketplace, it’s just beginning to emerge in the telecommunications sector. SaaS is important to us, not only because the market demands it, but because it produces a predictable and steady revenue stream. Our mandate is to drive Nokia’s adoption of this lucrative business model, leading communications service providers (CSPs) to new opportunities and profit. SaaS will eventually encompass our industry and we need to be in front of this tectonic shift to capitalize on the first-mover advantage.
We lead the “Software-as-a-Service” revolution in the Communications and Media industry through disciplined execution and high integrity, building on Nokia’s heritage as the premier industry thought leader and trusted technology partner to Communications Service Providers and Enterprises.We create technology that helps the world act together by delivering innovative and contemporary “Software-as-a-Service” products, enabling Nokia customers to rapidly deliver new and profitable communications services to their respective markets.
As Nokia's growth engine, we create value for communication service providers and enterprise customers by leading the transition to cloud-native software and as-a-service delivery models. Our inclusive team of dreamers, doers and disruptors push the limits from impossible to possible.
What you will learn and contribute to
The Nokia CNS Advanced Technology Group SaaS Acceleration team is hiring for designing and creating software, infrastructure, automation, processes and policies, and championing their adoption across Nokia CNS Advanced Technology Group to help us defend cloud infrastructure and SaaS applications for services delivered through a centralized SaaS Delivery and Operations framework.
Job Responsibilities & Competencies
- Provide leadership in the areas of Vulnerability Management, AST (Application Security Testing), Application Security, SSDLC (Secure Software Development Life Cycle), Data Analysis of security monitoring outputs, coordination of remediation patching, working with Development Teams and other daily Security and Compliance efforts.
- Design, implement, support and evaluate security-focused tools into our CI/CD pipeline, including AST tool oversight.
- Assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions.
- Plays a critical role in providing technical support for day-to-day security operations, security tool integration, automation support, change management and business continuity program.
- Assist in defining security requirements and review of system to determine if they have been designed to comply with established security standards. Develop new policies and Standard Operation Procedures as necessary.
- Design, engineer, operationalize and maintain the secure systems which support continuous deployment/integration solutions with strong focus towards innovation.
- Analyze software design documents from a security standpoint and perform threat assessment for the developed cloud-native platform.
- Identify, integrate, monitor and improve security controls by understanding business processes.
- Implement secure software development measures into CI/CD pipelines in collaboration with development teams.
- Implementation of solution for monitoring the health of various applications and security appliances.
- Development of alerting infrastructure based on critical system resources to ensure a near zero downtime.
- Conduct regular Vulnerability Assessments and Penetration Tests. Support External/Internal Audits and security assessment requests. Help remediate the findings and implement improvement measures.
- Scheduled maintenance activities to keep the infrastructure components robust with latest patches and updated versions of software running in the infrastructure stack.
- Evaluate, select, implement and maintain security tools, infrastructure, and automation.
- Advise teams on developing pragmatic solutions that achieve business requirements to maintain acceptable levels of risk.
- Manage the security bug backlog with development teams.
- Perform other job‐related duties as requested.
Your skills and experience
- Bachelor's degree in Information Security, computer science, business, or a related field, or equivalent in experience and expertise.
- Industry Certifications such as CISSP, GPEN, GXPN, OSCP, GCIA, GSEC, GREM.
- Cloud Security Certifications like CCSP, CCAK, CCSK, AWS Certified Security Specialty is preferred.
It would be nice if you also had:
- Knowledge and expertise in a myriad of Information Security Solutions across cloud and IT security.
- Minimum 5 years of experience in designing and maintaining enterprise infrastructure solutions, project life cycle activities on development and maintenance projects. Including CI/CD and tools development.
- Must have experience working with Developers, DevOps, Engineering and Compliance teams in a dynamic environment to promote/implement the SecDevOps program throughout the organization.
- Experience with the maintenance of mission-critical enterprise security applications (such as NGFW, AV, DLP, log management and other technical controls).
- Experience in Agile development to incorporate CI/CD (Continuous Integration / Continuous Delivery) utilizing technologies such as GIT, Azure DevOps, Maven, Helm, Crucible.
- Must be able to work within environments like: Jenkins, Docker, Java, Python, Jinja, Ruby, Perl, Bash, Scripting YAML, SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing).
- Experience working with AST (Application Security Testing) tools and their integration into the CI/CD pipeline.
- Familiarity with API Security, Container Security, AWS Cloud Security best practices.
- Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools.
- Knowledge of Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
- Experience with Kibana and Elastic search for logging and developed plugins, codecs for specific use cases.
- Experience with monitoring tools such as Grafana, alerting tools such as Prometheus, data collection such as Fluentd.
- Experience with Configuration management tools such as Git Implementation of automation using scripting languages such as Python, Bash, etc
- Experience with variety of operating systems, Cloud Data Platforms (AWS, Azure, GCP) and Cloud Computing (SaaS, PaaS, IaaS).
- Excellent analytical, interpersonal and English communication skills both oral and written.
- Strong customer centric mindset.
- Proactive sense of urgency and 'can do' attitude.
- Telcom experience is a plus.
- Strong problem solving and debugging skills.
- Result oriented with a hands-on mindset.
- Ability to convey and explain complex technical information to non-technical staff.
What we offer
Nokia offers flexible and hybrid working schemes, continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.
Nokia is committed to inclusion and is an equal opportunity employer
Nokia has received the following recognitions for its commitment to inclusion & equality:
- One of the World’s Most Ethical Companies by Ethisphere
- Gender-Equality Index by Bloomberg
- Workplace Pride Global Benchmark
- LGBT+ equality & best place to work by HRC Foundation
At Nokia, we act inclusively and respect the uniqueness of people.
Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.
Join us and be part of a company where you will feel included and empowered to succeed.