R&D Engineer

As a R&D engineer in the Common Software Foundation team, you will contribute to delivering secure open-source components across various PaaS environments, including NCS, AWS, Azure, and GCP. In this role, you will enhance security by analyzing and prioritizing vulnerabilities in Rocky and Redhat OS, conducting scans, and implementing appropriate remediation. 
You will also work on developing and testing Rocky OS, leveraging expertise in microservices, containers, and CI/CD DevOps practices. Your proficiency in secure protocols, encryption methodologies, and vulnerability assessment tools will help strengthen system security. Additionally, you will contribute to SBOM generation, security design, and threat analysis, ensuring compliance with industry standards.

• Deploy and manage open-source components across various PaaS environments (NCS, AWS, Azure, GCP) while ensuring compliance with security and performance standards.
• Analyze, prioritize, and remediate Common Vulnerabilities and Exposures (CVEs) in Rocky and Redhat OS, collaborating with development teams for effective resolution.
• Conduct security scans (e.g., Burp, Anchore, Malware, Codenomicon), analyze reports, and assess severity based on open-source software usage.
• Develop and test Rocky OS as per CSF specifications, leveraging expertise in Linux-based OS, Python programming, and automation.
• Work with microservices, containers (Docker, Kubernetes, Helm), and CI/CD pipelines to enhance software delivery and deployment efficiency.
• Implement secure communication protocols (TLS, SSH), encryption methodologies, and security hardening practices to safeguard applications.
• Perform penetration testing, vulnerability assessments using tools like Anchore, Tenable, and Nmap, and contribute to security risk analysis and mitigation strategies.
• Contribute to Software Bill of Materials (SBOM) generation, threat modeling, and secure design principles to ensure compliance with industry security standards.

You Have: 

• Engineering Graduate or equivalent degree with 3-8 years of experience in Development and Testing, with expertise in Rocky and Redhat OS, and Python programming.
• Hands-on experience with Microservices, Containers (Docker, Kubernetes, Helm), and CI/CD DevOps practices.
• Proficient in secure protocols (TLS, SSH), encryption methodologies, and security hardening practices.
• Skilled in vulnerability scanning, penetration tests, and using tools like Anchore, Tenable, and Nmap.

It would be nice if you also had:

• Knowledgeable in SBOM generation, Design for Security & Privacy, and Threat & Risk analysis.
• Understanding of Zero Trust architecture, compliance frameworks (NIST, CIS, ISO 27001), and experience with AI-driven security analytics tools.
• Familiarity with tools like Terraform, Ansible, and cloud-native security practices across AWS, Azure, and GCP.

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer
 
Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.