Posted in Other 11 days ago.
Type: Full Time
At Nokia we create the technology to connect the world. Developing and delivering the industry's only end-to-end portfolio of network equipment, software, services and licensing that is available globally. Through our research teams, including the world-renowned Nokia Bell Labs, Nokia is leading the world to adopt end-to-end 5G networks that are faster, more secure and capable of revolutionizing lives, economies and societies. Nokia adheres to the highest ethical business standards as we create technology with social purpose, quality and integrity. A truly global company, we are 160 nationalities working in more than 100 countries.
ABOUT NOKIA IT:
At Nokia IT, we are in a fast-paced digitalization journey. We are transforming into a modern, digital organization that globally delivers seamless technology experiences to 100,000 employees, as well as external users across the world, based on trusted IT infrastructure, applications and security capabilities. To build a world-class IT organization, we are looking to find, grow and keep the best talent in various disciplines and areas.
Are you a hands-on technologist that wants to use knowledge to create an impact* Are you passionate about the digital era* Do you value a culture of transparency and accountability, and work with customers in your heart*
Then join the diverse and global Nokia IT team!
ABOUT NOKIA IT CYBER SECURITY:
In this role, you will be part of our Cyber Security team. We protect Nokia critical data and operations against security threats and guarantee the overall confidentiality, integrity and availability of Nokia data. Our top focus today is to enable Nokia business to early adopt new digital technologies in a secure way.
Job Title: Cyber Security Third Party Security Professional
We need a security professional to reinforce the team dealing with Third Party Security/ Vendor Risk Management.
Today s companies are living exciting times as Digital Transformation (Cloud, Social Media, IoT and Mobile Technology, Artificial Intelligence, Advanced Analytics) creates new business opportunities. However, in a climate where threats are becoming more severe and regulatory compliance (e.g GDPR, NSA, ) is becoming more demanding, the expansion of digital technologies and global inter-connectivity, brings new challenges and risks for Nokia. As Nokia is progressing in the Digital Transformation, and with the increase of e.g. cloud usage, the appetite to look for external expertise increases, leading to a growth of third-party relationships.
Third parties play a critical role in supporting key business functions and, sharing information with them is an essential part of the daily operation. By doing so, the chance that a threat event will be initiated successfully increases and inappropriate controls at the third-party side might impact the viability of Nokia business.
The security professional will work with the Business stakeholders to determine the present risk level of third parties. Additionally (s)he supports third parties to improve their security posture by setting the standard which risk is acceptable and defining remediation actions.
As security professional you support the business in bringing their assets compliant with the Information Security Policies.
Based on the outcome of (self) assessments, you will define mitigation actions to close potential security gaps that may result from these assessments.
The Third Party Security Professional is accountable for assessing the compliance, identify deficiencies, determine risk level, recommend solutions and give guidance & support to ensure Nokia information is protected in line with the Nokia Information Security Policies and Cyber Security. Standards (e.g. ISO 27001, NIST, Cloud Security Alliance, ). This should be done in a cost effective and innovative way bringing value to the business teams & IT teams through simplification, standardization and homogenization.
Key accountabilities include:
* Offer security expertise in line with the latest threats knowledge
* Support the business teams and IT teams in becoming compliant with the Nokia Security Policies
* Validate security controls proposed by the business teams and IT or Nokia suppliers
* Create a close relationship with the business counterparts
* Drive a cultural change around Cyber Security
* Contribute to projects in accordance to our corporate processes
* Understand the actual security posture of the Third Parties
* Identify security needs of the business teams assess solutions make suggestions for improvement and prepare the necessary steps so that these needs can be timely addressed
* Strong technology insight with a full appreciation of how technology can enable positive business change
* Understanding of an IT operational environment
* Attention to details, excellent problem solving and follow-up skills required
* Team player - Excellent relationship with stakeholders
* Capable to work with IT outsourcing partners
* Ability to convey technical security concepts to non-technical audience
* Compliance, Assurance and Security expertise at an enterprise and global scale
* Strong knowledge of ISO/IEC 27001; ISO/IEC 27002; ISO 31000; NIST CSF; COBIT 5; CIS Controls ver. 7 and ISF The Standard of Good Practice for Information Security 2018.
* Knowledge of network security, networking concepts and architectural implementations
* Knowledge on vulnerability testing & the capability to define mitigations
* Knowledge of application and database security
o CISSP and/or CISM certified if not yet, be willing to become certified within one year
* Customer focus
* Highly self-motivated and directed Autonomy
* Interested in technology / security watch
* Ability to multitask
* Ability to effectively prioritize and execute tasks in a high-pressure environment.
* Be convincing even when working with remote teams
* Pro-Active don t await taking action when identifying a security need
Role Related Expertise:
* Multiple years of experience of working in IT/Security Environment
* Proficient in English
* Willing to travel in line with the requirements of the role
You may also want to learn more about Opportunities in IT and Life at Nokia IT!
Imagine creating technology that has the potential to change the world. Working with us, you will have a positive impact on people s lives and help to overcome some of the world s most pressing challenges.
Nokia is an equal opportunity employer that is committed to diversity and inclusion. At Nokia, employment decisions are made regardless of sex, gender identity or expression, sexual orientation, race, ethnic origin, color, creed, religion, national origin, citizenship, age, marital status, physical or mental disability, genetic information or ancestry, protected Veteran or military status, or other characteristics protected by law.
Nokia culture welcomes people as their true selves. Come create the technology to connect the world..