GRC Engineer (Security Governance & Compliance Associate)
Nokia
Family Description
Customer Services (CS) covers customer service in different areas such as technical support, account support, operations, maintenance, network design / deployment / integration / transformation, and education. Generates revenue and the increase of customer satisfaction through planning, designing, deploying, integrating, optimising, operating, and maintaining phases.
Subfamily Description
Managed Services (MSE) is responsible for keeping the network running and proposing / conducting network upgrades based on business requirements. Covers technical managing and operating of agreed components of IT and telecommunications services provided to end users of Nokia customers, within contracts agreed with those customers.
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world.
Our recruitment process
We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.
If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.
The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia.
- Flexible and hybrid working schemes
- A minimum of 90 days of Maternity and Paternity Leave, with the option to return to work within a year following the birth or adoption of a child (based on eligibility)
- Life insurance to all employees to provide peace of mind and financial security
- Well-being programs to support your mental and physical health
- Opportunities to join and receive support from Nokia Employee Resource Groups (NERGs)
- Employee Growth Solutions to support your personalized career & skills development
- Diverse pool of Coaches & Mentors to whom you have easy access
- A learning environment which promotes personal growth and professional development - for your role and beyond
GRC Engineer provides foundational support for the Managed Security Services (MSS) GRC function. The primary objective is to assist in the day-to-day monitoring of security controls, maintain risk documentation, and support compliance activities related to telecom-specific regulations (TRAI, DOT) and global standards (ISO 27001, NIST).
Required Skills & Experience
- Qualification and Certification
- B.E/B.Tech in Computer Science, Telecommunication Engineering, or Information Security.
- Desired Certifications (Nice to Have)
- CompTIA Security+ or CISA (Foundation/Exam-ready).
- ISO 27001 Foundation or ITIL Foundation.
- Experience Level: 2–4 Years
- Required Technical Skills & Experience
Category | Requirements |
|---|---|
Frameworks | Foundational knowledge of ISO 27001, NIST CSF, and PCI-DSS. |
Telecom Basics | Basic understanding of telecom infrastructure (e.g., MPLS, 5G, or IoT) and regulatory bodies like TRAI/DOT. |
GRC Tools | Familiarity with tools such as RSA Archer, ServiceNow GRC, or MetricStream. |
Technical Knowledge | Basic understanding of security technologies like Firewalls, SIEM, and Access Management. |
Key Responsibilities
- Governance & Policy Support
- Documentation Maintenance: Assist in maintaining cybersecurity policies, standards, and frameworks according to the MSS scope.
- Policy Awareness: Support the training of employees and stakeholders on security best practices and compliance requirements.
- Reporting Assistance: Collate data for communicating risk posture and compliance status to internal teams and customers.
- Risk Management Assistance
- Risk Register Updates: Assist in maintaining the risk register by tracking treatment plans and mitigation strategies across client environments.
- Assessment Support: Provide administrative and technical support during security risk assessments and internal audits.
- BCP/DR Coordination: Assist in documenting strategies for incident response and business continuity planning (BCP).
- Compliance Monitoring
- Regulatory Tracking: Support adherence to Indian (TRAI, DOT, DPDPA) and global (GDPR, SOC 2) regulatory standards through data gathering and reporting.
- Control Monitoring: Monitor security controls and policy enforcement within the MSS environment to ensure alignment with compliance mandates.
- Audit Preparation: Organize and maintain compliance artifacts for audits, reviews, and regulatory reporting.
- Security Operations Alignment
- SOC Coordination: Assist in verifying that security incident handling processes meet documented compliance standards.
- Notification Adherence: Support the oversight of incident response activities to ensure adherence to regulatory notification guidelines.