Governance Risk & Compliance Lead

GRC Lead will manage and strengthen our Governance, Risk, and Compliance (GRC) initiatives for Managed Security Services (MSS) within the Telecom sector. The GRC Lead will be responsible for ensuring that the services we provide to our telecom clients adhere to industry standards, regulatory requirements, and robust risk management practices. This individual will play a key role in aligning our security services with client business objectives, improving our security posture, and ensuring compliance with telecom-specific regulations and frameworks.

• Provide security governance leadership tailored to telecom networks, including mobile, 5G, SDN/NFV, and MPLS environments.
• Lead risk assessment, threat modeling, and management activities for telecom networks and emerging technologies like IoT and cloud.
• Ensure compliance with global and local telecom regulatory requirements (e.g., TRAI, DoT, GDPR, FCC, ETSI) through audits, reviews, and reporting.
• Manage and maintain telecom-specific security policies, technical and administrative controls, and compliance frameworks (ISO 27001, NIST, PCI-DSS).
• Act as the prime security and compliance interface towards customers, internal teams, auditors, subcontractors, and third-party suppliers.
• Develop and maintain a risk register, tracking treatment plans and mitigation strategies across client environments.
• Provide proactive consultation and guidance to customers regarding security best practices and compliance requirements.
• Oversee incident and crisis response activities to minimize business impact and regulatory exposure, ensuring adherence to notification guidelines.
• Ensure vendor security due diligence, contract compliance, and ongoing third-party risk monitoring within the telecom supply chain.

You have:

• 7+ years of experience in Governance, Risk, and Compliance (GRC), with at least 3 years in telecom or Managed Security Services (MSS) with a degree in Telecommunication Engineering, Computer Science, Information Security, or a related field (B.E/B.Tech/M.E/M.Tech/MCA).
• Expertise in telecom-specific security technologies: Firewalls, IDS/IPS, SIEM, encryption, access management, and incident response platforms.
• Experience working with security and compliance frameworks: ISO 27001, NIST CSF, PCI-DSS, GDPR, NIST SP 800-53, ETSI EN 303 645, also telecom infrastructure, including MPLS, 5G, IoT, and SDN/NFV.
• Familiarity with GRC tools such as RSA Archer, ServiceNow GRC, or MetricStream.
• Experience in telecom risk management processes, regulatory assessments, and vendor risk governance.

It would be nice if you also had:

• Industry certifications such as CISM, CISA, CISSP, CRISC, ISO 27001 Lead Auditor/Implementer, TOGAF, or ITIL.
• Experience in stakeholder management, including executive communication, regulatory liaison, and conflict resolution with auditors or vendors.
• Strong analytical, negotiation, and project management skills in a cross-functional, multicultural telecom environment.

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer
 
Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.