L3 MBSS Expert (Senior Security Hardening Specialist)
Nokia
Family Description
Customer Services (CS) covers customer service in different areas such as technical support, account support, operations, maintenance, network design / deployment / integration / transformation, and education. Generates revenue and the increase of customer satisfaction through planning, designing, deploying, integrating, optimising, operating, and maintaining phases.
Subfamily Description
Managed Services (MSE) is responsible for keeping the network running and proposing / conducting network upgrades based on business requirements. Covers technical managing and operating of agreed components of IT and telecommunications services provided to end users of Nokia customers, within contracts agreed with those customers.
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world.
Our recruitment process
We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.
If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.
The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia.
- Flexible and hybrid working schemes
- A minimum of 90 days of Maternity and Paternity Leave, with the option to return to work within a year following the birth or adoption of a child (based on eligibility)
- Life insurance to all employees to provide peace of mind and financial security
- Well-being programs to support your mental and physical health
- Opportunities to join and receive support from Nokia Employee Resource Groups (NERGs)
- Employee Growth Solutions to support your personalized career & skills development
- Diverse pool of Coaches & Mentors to whom you have easy access
- A learning environment which promotes personal growth and professional development - for your role and beyond
The MBSS Expert is the technical subject matter expert responsible for the end-to-end execution of Minimum Baseline Security Standards. This role focuses on the high-level technical design of security hardening controls for for Telecom & IT nodes and overseeing compliance assessments and supporting the governance of MBSS compliances across various Lines of Business (LOBs) and Managed Service Providers (MSPs) for a telecom network.
- Qualifications & Certifications
- Education: B.E. / B.Tech in Computer Science, IT, or Electronics & Telecommunications.
- Primary Certifications:CISA or CISSP is required.
- Technical Certifications: C-SANS (GCWN / GCUX) for Windows/Unix expertise.
- Network Professional Certs: CCNP Security or Nokia NRS II.
- Cloud Security: CCSP or Azure Security Engineer (for the Cloud Estate portion of the network).
- Experience Level: 8–12 Years
- Required Technical Skills
Category | Requirement |
|---|---|
Hardening Expertise | Deep knowledge of CIS Benchmarks, NIST, and hardening for various OS/OEM Products (especially Telecom & IT). Proven experience in creating baseline standards for diverse Telecom & IT OEMs (Nokia, Ericsson, Cisco, Juniper, etc.) |
Telecom Infrastructure | Good hands-on understanding of working on Telecom Nodes (2G-5G Products) including architecture know how of Core, RAN, Tx & IP Fabric network & element architectures. |
Scale Management | Proven experience managing security compliance for 50,000+ nodes using automated tools like BladeLogic or custom MBSS tools. |
Governance | Ability to coordinate large-scale remediation projects across MSP and OEM environments. |
Key Responsibilities
- Technical Control Design & Engineering
- Advanced Architecture Analysis: Perform deep-dive analysis of complex node architectures to design security controls across various dimensions, layers, and planes.
- MBSS Control Design Templates: Develop comprehensive MBSS control design templates, including specific command collections and validation methods for diverse Node Types, Vendors (Nokia, Cisco, Juniper), OS, and Software Versions. It serves a comprehensive technical guide for node hardening.
- Standard Alignment: Continuously research and integrate CIS Benchmarks, NIST, and other industry standards into existing hardening guidelines.
- OEM Technical Liaison: Collaborate directly with Original Equipment Manufacturers (OEMs) to technically validate controls and secure sign-offs for production deployment.
- Operational Excellence at Scale
- Assessment Execution: Manage quarterly compliance scanning operations for a massive landscape of 120,000+ nodes.
- Technical Onboarding: Validate MBSS compliance for new nodes (targeting ~1,000 nodes/month) and provide technical "Go-Live" approvals based on artifact verification.
- Tool Deployment Support: Act as the technical point of contact for the MBSS tools team during First Node Implementations (FNI) and mass rollouts.
- Technical Governance & Remediation
- Gap Analysis & Reporting: Produce detailed technical compliance reports and weekly operational governance summaries for the MBSS Lead.
- Closure Coordination: Technically support Asset Custodians and Managed Service Partners (MSPs) in remediating non-compliances according to the escalation matrix.
- Process Management: Apply ITIL processes to manage Sign-Off Design (SOD) requests and ensure operational governance standards are met.