SBC Vulnerability Mgmt Engineer

In order to support strategic organization initiatives, the Nokia Session Border Controller R&D team is seeking for Software Vulnerability Management Engineer. The person will be responsible for supporting both R&D internal and customer driven activities in in the area of software vulnerability management.

 

Key Responsibilities / Functions:   

• Conduct regular vulnerability assessments and security audits on software applications, based on scans, reports and notifications (both internal and customer provided)
• Analyze and report on security vulnerabilities, including CVE assessments 
• Provide remediation guidance, including creating relevant documentation and reports 
• Collaborate with development teams for vulnerability impact assessments and defining mitigation plans 
• Develop or enhance tools / scripts to ease / automate performing the role
• Stay updated with the latest security threats and vulnerability trends relevant to the telecom industry.
• Representing R&D internally and externally in the respective area.

Required Minimum Qualifications/Competencies

• Bachelor's Degree: In Computer Science, Information Technology, Cybersecurity, or a related field.
• Experience: Several years of experience in software development, cybersecurity, or a related IT field including 3-5 years in security-focused roles.
• Vulnerability Assessment Tools: Experience with tools like Nessus, Qualys, Anchor or other vulnerability scanning software and related tools. 
• CVE Score Assessment: Ability to assess and analyze CVE scores to prioritize vulnerabilities based on their severity and potential impact.
• Security Standards and Frameworks: Knowledge of frameworks such as NIST, ISO 27001, and OWASP.
• Programming/Scripting: Familiarity with programming languages (e.g., Python, C++, Java) and scripting for automation tasks.
• Networking Knowledge: Understanding of network protocols, architecture, and security practices relevant to telecom infrastructure.
• Operating Systems/Platforms: Experienced in Linux, virtualization, k8s, docker and other platforms commonly used in telecom environments.
• Analytical Skills: Ability to analyze vulnerabilities and their potential impact on the organization.
• Problem-Solving: Strong problem-solving skills to address more complex security issues.
• Communication: Excellent verbal and written communication skills to report vulnerabilities and collaborate with various teams.
• English as working language

 

Desired / Additional Qualifications/Competencies:

 

• Security Certifications: Certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) may be beneficial.
• Specific Telecom Certifications: Familiarity with industry-specific certifications can be advantageous (e.g., TM Forum, 3GPP standards).
• Familiarity with DevSecOps practices may be preferred for roles involving CI/CD environments.
• Understanding of regulatory compliance and standards specific to the telecom sector would be a plus 

 

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer
 
Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.