MBSS Engineer (Security Hardening Analyst)
Nokia
Family Description
Customer Services (CS) covers customer service in different areas such as technical support, account support, operations, maintenance, network design / deployment / integration / transformation, and education. Generates revenue and the increase of customer satisfaction through planning, designing, deploying, integrating, optimising, operating, and maintaining phases.
Subfamily Description
Managed Services (MSE) is responsible for keeping the network running and proposing / conducting network upgrades based on business requirements. Covers technical managing and operating of agreed components of IT and telecommunications services provided to end users of Nokia customers, within contracts agreed with those customers.
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world.
Our recruitment process
We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.
If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.
The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia.
- Flexible and hybrid working schemes
- A minimum of 90 days of Maternity and Paternity Leave, with the option to return to work within a year following the birth or adoption of a child (based on eligibility)
- Life insurance to all employees to provide peace of mind and financial security
- Well-being programs to support your mental and physical health
- Opportunities to join and receive support from Nokia Employee Resource Groups (NERGs)
- Employee Growth Solutions to support your personalized career & skills development
- Diverse pool of Coaches & Mentors to whom you have easy access
- A learning environment which promotes personal growth and professional development - for your role and beyond
MBSS Engineer is technical expert responsible for the end-to-end execution of Minimum Baseline Security Standards. This role focuses on the high-level technical design of security hardening controls for Telecom & IT nodes and overseeing compliance assessments and supporting the governance of MBSS compliances across various Lines of Business (LOBs) and Managed Service Providers (MSPs) for a telecom network.
Required Skills & Experience
Qualifications & Certifications
Education: B.E. / B.Tech in Computer Science, IT, or Electronics & Telecommunications.
-
Preferred Certifications:
- CISA or Security+.
- CCNA/CCNP Security or Nokia NRS I/II for network node understanding.
- Foundational Cloud certifications (Azure/AWS/GCP).
Experience Level: 4–8 Years
Required Technical Skills
| Category | Requirement |
|---|---|
Hardening Control & Tools | Working knowledge of CIS Benchmarks, NIST, and hardening for various OS/OEM Products (especially Telecom & IT). Experience in creating baseline standards for diverse Telecom & IT OEMs (Nokia, Ericsson, Cisco, Juniper, etc.) Proficiency in using automated compliance tools like BladeLogic, Nessus, or Qualys for large-scale scanning. |
Operating Systems | Hands-on experience with hardening Linux/Unix (GCUX), Windows (GCWN) & Telecom/IT Network environments. |
Networking | Understanding of node architecture, network segmentation, and CLI-based command collection for Telecom & IT Network devices. |
Compliance Management | Familiarity with CIS Benchmarks, NIST, and ITIL-based remediation tracking. |
Key Responsibilities
- MBSS Assessment Operations
- Automated Scanning: Execute quarterly and ad-hoc compliance scans across the IPv4/IPv6, telecom network elements and Cloud estate using MBSS automated tools.
- New Node Validation: Perform MBSS technical compliance checks for new nodes entering the production environment, ensuring artifacts meet hardening requirements (targeting ~1,000 nodes/month).
- Baseline Verification: Conduct validation tests to ensure that node configurations align with the "Unique Node Definitions" (Vendor, OS, and SW version).
- Tool Support: Provide front-line support for the MBSS tool operations, assisting in node onboarding and connectivity troubleshooting.
- Hardening Support & Control Design
- Template Testing: Assist the L3 Expert in testing new MBSS control design templates and command collections before mass rollout.
- Technical Research: Support the review of existing hardening guidelines by researching updated CIS Benchmarks and NIST standards for various OS/Vendors.
- OEM Coordination: Gather technical data and documentation from OEMs to assist in the control validation process.
- Compliance Tracking & Remediation
Issue Reporting: Generate and distribute detailed automated compliance reports and operational dashboards from the MBSS tool.
Follow-up & Tracking: Actively track the remediation of non-compliances, ensuring stakeholders meet defined timelines and SLAs.
Stakeholder Interaction: Participate in weekly governance meetings with LOB SPOCs and MSPs to explain technical gaps and verify evidence of closure.
Remediation Status Trackers: Weekly updates on the progress of non-compliance closure.