MBSS Security Lead (Hardening & Compliance)
Nokia
Family Description
Customer Services (CS) covers customer service in different areas such as technical support, account support, operations, maintenance, network design / deployment / integration / transformation, and education. Generates revenue and the increase of customer satisfaction through planning, designing, deploying, integrating, optimising, operating, and maintaining phases.
Subfamily Description
Managed Services (MSE) is responsible for keeping the network running and proposing / conducting network upgrades based on business requirements. Covers technical managing and operating of agreed components of IT and telecommunications services provided to end users of Nokia customers, within contracts agreed with those customers.
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world.
Our recruitment process
We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.
If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.
The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia.
- Flexible and hybrid working schemes
- A minimum of 90 days of Maternity and Paternity Leave, with the option to return to work within a year following the birth or adoption of a child (based on eligibility)
- Life insurance to all employees to provide peace of mind and financial security
- Well-being programs to support your mental and physical health
- Opportunities to join and receive support from Nokia Employee Resource Groups (NERGs)
- Employee Growth Solutions to support your personalized career & skills development
- Diverse pool of Coaches & Mentors to whom you have easy access
- A learning environment which promotes personal growth and professional development - for your role and beyond
The MBSS Lead is the primary authority for designing, implementing, and governing Minimum Baseline Security Standards across a massive telecom network. This role involves defining security hardening controls & templates for Telecom & IT nodes, overseeing compliance assessments, and leading the governance of MBSS compliances across various Lines of Business (LOBs) and Managed Service Providers (MSPs) for a telecom network.
Required Skills & Experience
Qualification:
Bachelor’s Degree: B.E. / B.Tech in Computer Science, Information Technology, or Electronics & Telecommunications.
Certification:
CISA (Certified Information Systems Auditor) /CISSP (Certified Information Systems Security Professional)
C-SANS (GCWN / GCUX)
Nokia/Cisco/Ericsson Network Certifications: Professional-level certifications (e.g., CCNP Security or Nokia NRS II) to understand the "Node Architecture" and "Command Collections" required for hardening templates.
Cloud Security Certifications (CCSP / Azure Security Engineer): Necessary for designing MBSS controls for the "Cloud Estate" portion of the 120,000 nodes.
-
Experience Level: 12–15 Years
Technical Proficiency & Requirements
Category | Requirement |
|---|---|
Hardening Expertise | Deep knowledge of CIS Benchmarks, NIST, and hardening for various OS/OEM Products (especially Telecom & IT). Proven experience in creating baseline standards for diverse Telecom & IT OEMs (Nokia, Ericsson, Cisco, Juniper, etc.) |
Compliance at Scale | Previous experience of managing compliance for 50,000+ nodes using automated tools (e.g., BladeLogic, SolarWinds, or custom MBSS tools). |
Telecom Infrastructure | Good hands-on understanding of working on Telecom Nodes (2G-5G Products) including architecture know how of Core, RAN, Tx & IP Fabric network & element architectures. |
Process Excellence | Knowledge of ITIL processes for managing SOD (Sign-Off Design) requests and operational governance. |
Governance | Ability to manage large-scale remediation projects across MSP and OEM environments. Experience of handling Tier 1 Customer Teams and various stakeholder management. |
Key Responsibilities
- MBSS Hardening Control Design
- Architecture Analysis: Understand complex node architectures and design security controls across multiple dimensions, layers, and planes.
- MBSS Control Design Templates: Develop MBSS control design templates, including specific command collections and validation methods for different Node Types, Vendors, OS, and Software Versions. It serves a comprehensive technical guide for node hardening.
- Standards Alignment: Refer to industry security standards to review and update existing hardening guidelines continuously.
- OEM Collaboration: Work with Original Equipment Manufacturers (OEMs) to validate controls and obtain final sign-off for deployment.
- MBSS Assessment Operations
- Large-Scale Compliance: Oversee quarterly compliance scanning for a landscape of 120,000+ nodes, supporting a 20% year-over-year growth.
- New Node Onboarding: Validate MBSS compliance for new nodes (targeting ~1,000 nodes/month) and provide security "Go-Live" approvals based on artifact submissions for all new nodes entering the production environment.
- Tool Liaison: Provide expert support to the MBSS tools team during First Node Implementation (FNI) and mass rollouts.
- Governance & Compliance Closure
- Stakeholder Management: Lead weekly operational governance meetings with Client, Asset Custodians, LOB SPOCs, and Managed Service Partners (MSPs).
- Closure Tracking: Follow up and track the remediation of non-compliances as per a defined escalation matrix and timelines.
- Reporting: Deliver Monthly compliance reports and weekly operational governance summaries