VAPT & Red Teaming Engineer
Nokia
Family Description
Customer Services (CS) covers customer service in different areas such as technical support, account support, operations, maintenance, network design / deployment / integration / transformation, and education. Generates revenue and the increase of customer satisfaction through planning, designing, deploying, integrating, optimising, operating, and maintaining phases.
Subfamily Description
Managed Services (MSE) is responsible for keeping the network running and proposing / conducting network upgrades based on business requirements. Covers technical managing and operating of agreed components of IT and telecommunications services provided to end users of Nokia customers, within contracts agreed with those customers.
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world.
Our recruitment process
We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.
If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.
The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia.
- Flexible and hybrid working schemes
- A minimum of 90 days of Maternity and Paternity Leave, with the option to return to work within a year following the birth or adoption of a child (based on eligibility)
- Life insurance to all employees to provide peace of mind and financial security
- Well-being programs to support your mental and physical health
- Opportunities to join and receive support from Nokia Employee Resource Groups (NERGs)
- Employee Growth Solutions to support your personalized career & skills development
- Diverse pool of Coaches & Mentors to whom you have easy access
- A learning environment which promotes personal growth and professional development - for your role and beyond
The L1 VAPT & Red Teaming Engineer is responsible for executing baseline security assessments and discovery scans. This role serves as the first line of defense in identifying known vulnerabilities, assisting in the initial stages of "Assume Breach" simulations, and maintaining the hygiene of the organization's attack surface through continuous monitoring and reporting.
Required Skills & Experience
Experience Level: 2+ Years in offensive security, preferably within a Telecommunications or ISP environment.
Education: Bachelor’s degree in Computer Science, Cyber Security, or a related field.
Technical Skills & Qualifications
| Category | Requirements |
|---|---|
| Tools | Basic experience with Nessus, Nmap, Burp Suite (Community/Pro), and Metasploit. |
| Standards | Foundational knowledge of OWASP Top 10 and the MITRE ATT&CK framework. |
| Networking | Understanding of TCP/IP, DNS, and basic Network Segmentation. |
| Scripting | Basic ability to read or write simple scripts in Python, Bash, or PowerShell. |
| Certifications | CompTIA Security+, CEH, or eJPT (Preferred); OSCP (Aspiration/In-Progress). |
Key Responsibilities
1. Automated Scanning & Asset Discovery
- Network Discovery: Perform scheduled and ad-hoc scans to identify active IPs, hostnames, and services across IPv4, IPv6, and Cloud environments.
- Vulnerability Assessment: Operate and maintain automated scanning tools such as Nessus, Qualys, or Rapid7 for infrastructure and application-level checks.
- Initial Results Triage: Conduct basic analysis of scan outputs to identify and remove obvious false positives.
2. Infrastructure & Application Support
- Preliminary Pentesting: Assist in manual security testing of network devices and basic server configurations.
- Web Scanning: Run automated DAST (Dynamic Application Security Testing) tools on web applications and APIs based on OWASP Top 10 standards.
- Configuration Audits: Support the team in verifying the effectiveness of basic VLAN and firewall isolation rules.
3. Red Teaming Support
- Simulation Assistance: Support L2/L3 engineers during "Assume Breach" exercises by setting up testing environments or performing initial internal topology mapping.
- Reconnaissance: Execute preliminary reconnaissance and OSINT gathering using automated tools and public sources.
- TTP Documentation: Assist in mapping identified gaps to the MITRE ATT&CK framework for reporting purposes.
4. Attack Surface & Dark Web Monitoring
- Shadow IT Tracking: Use Attack Surface Management (ASM) tools to monitor for unauthorized or exposed digital assets.
- Data Monitoring: Perform routine checks on forums and messaging channels for mentions of company-specific threats or leaked data like MSISDNs or credentials.
5. Remediation Tracking & Reporting
- Vulnerability Follow-up: Actively track the status of identified vulnerabilities and follow up with technical teams to ensure closure within SLAs.
- Re-testing Support: Assist in conducting validation scans to confirm that implemented security patches are working correctly.
- Drafting Deliverables: Help produce technical evidence and Proof-of-Concept (PoC) screenshots for final reports.