Security Risk and Compliance Expert

Come create the technology that helps the world act together 

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.

We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work.

The team you'll be part of

The Strategy & Technology function lays the path for Nokia’s future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company’s strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.

You will be part of Group Security team within Strategy & Technology. We own Nokia-wide security policies, programs, management testing and reporting. We partner with various stakeholders to identify security requirements, trends and evolving risks, and act as an advisor to our customers, Business Groups, and other stakeholders in various security related matters. These include Nokia’s security culture, processes, systems, products, and services to position Nokia as a trusted partner for 5G era and beyond.

Job description

We are looking for a Security Risk and Compliance Expert who can take responsibility for implementing and operating the global Information Security Management System (ISMS) of Nokia. You will play a key role on supporting Nokia Business Groups and Corporate Functions to identify, evaluate, manage, and report their information security risks. This is to enhance the overall security and compliance of services provided to our customers.

• Facilitate information security control implementation and conduct risk assessments with global stakeholders
• Review and provide recommendations for security risk mitigation strategies
• Maintain and develop information security risk register
• Track, report and present risk assessment and mitigation progress
• Collect data for Key Performance Indicators (KPIs) to measure ISMS effectiveness
• Maintain repository of ISMS reports, evidence and audit records
• Develop and deliver trainings on ISMS practices
• Develop, review and update ISMS related documentation
• Actively contribute to the continuous development of Nokia ISMS and related tools
• Stay up to date with emerging security trends, threats and best practices.
  
   

• 5+ years of experience in information security and/or related functions in a multinational organization
• Practical knowledge of ISO/IEC 27001:2022 standard implementation
• Solid understanding of information security processes and technologies
• Ability to manage complex activities in global and diverse business environment
• Advisory skills to guide the organization towards compliance with information security requirements
• Excellent documentation and communication skills
• Fluency in English
• Ability and motivation to learn new skills
• Education: master’s or bachelor’s degree in computer science, security engineering or equivalent.

It would be nice if you also had:

• Knowledge of other security standards, regulations and best practices (e.g., CSA CCM, NIST CSF, NIS2 and SOC2)
• Experience with delivery of information security training
• Experience with telecommunications industry
• Experience with RSA Archer and Microsoft Power BI, or other GRC or data analytics or reporting tools
• Certifications in information security (e.g., CRISC, CISSP and ISO 27001 LI/LA).

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer
 
Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.