Product Security Architect

Join us as a Product Security Architect, where you'll play a key role in vulnerability assessment and penetration testing to enhance product security. You'll lead periodic security assessments, collaborate with node owners to implement effective remediation strategies, and ensure robust protection against threats. If you're passionate about cybersecurity, risk mitigation, and proactive defense, this role is for you!

• Develop Tailored Assessment Profiles by collaborating with clients to define scope, methodologies, risk assessment criteria, and reporting structures.
• Configure & Customize Vulnerability Scans, creating tailored policies for network, application, compliance, and sensitive data exposure scans.
• Conduct Authenticated & Unauthenticated Scans across telecom networks and cloud environments (VNF, CNF), troubleshooting and debugging issues.
• Perform Compliance & Benchmark Scans using CIS frameworks (e.g., CIS AWS Foundations, CIS Linux, CIS Windows) to ensure industry best practices.
• Risk Triage & Severity Analysis, verifying false positives, assessing impact, and prioritizing vulnerabilities using the CVSS matrix.
• Evaluate & Prioritize Vulnerabilities based on CVSS scoring, exploitability, and telecom-specific risks (e.g., SS7, Diameter, GTP, VoIP, IoT, 5G).
• Assess Cloud Security Risks, conducting vulnerability assessments for containers and orchestration platforms (Docker, Kubernetes).
• Recommend & Implement Remediation Strategies, including patching, configuration hardening, workarounds, and compensating controls.
• Leverage Threat Intelligence to analyze known exploits, assess real-world risks, and track active threats (e.g., POC exploits, exploits in the wild).
• Work with Security Frameworks & Tools, including NIST, ISO 27001, CIS, ServiceNow, Jira, and ensure security hardening for Linux, Windows, and cloud environments.

• Bachelor’s degree in engineering/technology or equivalent.
• 12+ years of experience in security and operations technology roles.
• Expertise in Vulnerability Scanning Tools: Nessus, Qualys, OpenVAS.
• Proficiency in Cloud Scanning Tools: RedHat ACS, Anchore, Trivy.
• Experience with Ticketing Systems: Jira, ServiceNow, Remedy.
• Telecom Knowledge: 2G, 3G, 4G, 5G architecture, Nokia nodes, and functionalities.

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer
 
Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.