The Nokia CNS SaaS BO Delivery& Ops Framework team is hiring for designing and creating software, infrastructure, automation, processes and policies, and championing their adoption across Nokia CNS SaaS BO to help us defend cloud infrastructure and SaaS applicationsfor services delivered through a centralized SaaS Delivery and Operations framework.

• Conduct regular Vulnerability Assessments and Penetration Tests. Support External/Internal Audits and security assessment requests. Help remediate the findings and implement improvement measures.
• Design, implement, support and evaluate security-focused tools into our CI/CD pipeline, including AST tool oversight.
• Manage the security bug backlog with development teams.
• Assist in developing an automated security framework for robust deploymenttools and processes, leveraging various scripting languages and open-source solutions.
• Plays a critical role in providing technical support for day-to-day security operations, security tool integration, automation support, change management and business continuity program.
• Assist in defining security requirements and review of system to determine ifthey have been designed to comply with established security standards. Develop new policies and Standard Operation Procedures as necessary.
• Design, engineer, operationalize and maintain the secure systems which support continuous deployment/integration solutions with strong focus towards innovation.
• Analyze software design documents from a security standpoint and performthreat assessment for the developed cloud-native platform.
• Identify, integrate, monitor and improve security controls by understanding business processes.
• Implement secure software development measures into CI/CD pipelines in collaboration with development teams.
• Implementation of solution for monitoring the health of various applications and security appliances.
• Development of alerting infrastructure based on critical system resources to ensure a near zero downtime.
• Scheduled maintenance activities to keep the infrastructure components robustwith latest patches and updated versions of software running in the infrastructure stack.
• Evaluate, select, implement and maintain security tools, infrastructure, and automation.
• Advise teams on developing pragmatic solutions that achieve business requirements to maintain acceptable levels of risk.
• Perform other job-related duties as requested.

You have:

• Bachelor\'s degree in Information Security, computer science, engineering, business, or a related field, or equivalent in experience and expertise.
• Industry Certifications such as CISSP, GPEN, GXPN, OSCP, GCIA, GSEC, GREM.
• Cloud Security Certifications like CCSP, CCAK, CCSK, AWS Certified Security Specialty, Azure Security Engineer, Google Cloud Certified Professional Cloud Security Engineer are preferred.

It would be nice if you also had:

• Knowledge and expertise in a myriad of Information Security Solutions across cloud and IT security.
• Minimum 5 years of experience in designing and maintaining enterprise infrastructure solutions, project life cycle activities on development andmaintenance projects. Including CI/CD and tools development.
• Must have experience working with Developers, DevOps, Engineering and Compliance teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
• Experience with the maintenance of mission-critical enterprise securityapplications (such as NGFW, AV, DLP, log management and other technical controls).
• Experience in Agile development to incorporate CI/CD (Continuous Integration / Continuous Delivery) utilizing technologies such as GIT, AzureDevOps, Maven, Helm, Crucible.
• Must be able to work within environments like: Jenkins, Docker, Java, Python, Jinja, Ruby, Perl, Bash, Scripting YAML, SAST (Static ApplicationSecurity Testing), DAST (Dynamic Application Security Testing).
• Experience working with AST (Application Security Testing) tools and their integration into the CI/CD pipeline.
• Familiarity with API Security, Container Security, AWS, Azure & GCP Cloud Security best practices.
• Experience configuring, implementing and leveraging computer security andnetworking diagnostic/monitoring tools.
• Experience of VM patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
• Experience with Kibana and Elastic search for logging and developed plugins, codecs for specific use cases.
• Experience with monitoring tools such as Grafana, alerting tools such asPrometheus, data collection such as Fluentd.
• Experience with Configuration management tools such as Git Implementation ofautomation using scripting languages such as Python, Bash, etc
• Experience with variety of operating systems, Cloud Data Platforms (AWS, Azure, GCP) and Cloud Computing (SaaS, PaaS, IaaS).
• Excellent analytical, interpersonal and English communication skills both oral and written.
• Strong customer centric mindset.
• Proactive sense of urgency and \'can do\' attitude.
• Telcom experience is a plus.
• Strong problem solving and debugging skills.
• Self-directed/self-motivated.
• Result oriented with a hands-on mindset.
• Ability to convey and explain complex technical information to non-technical staff.

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people\xe2\x80\x99s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer

Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World\xe2\x80\x99s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg Workplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia\xe2\x80\x99s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.



Join us and be part of a company where you will feel included and empowered to succeed.