MBSS Security Lead (Hardening & Compliance)

Family Description
Customer Services (CS) covers customer service in different areas such as technical support, account support, operations, maintenance, network design / deployment / integration / transformation, and education. Generates revenue and the increase of customer satisfaction through planning, designing, deploying, integrating, optimising, operating, and maintaining phases.
Subfamily Description
Managed Services (MSE) is responsible for keeping the network running and proposing / conducting network upgrades based on business requirements. Covers technical managing and operating of agreed components of IT and telecommunications services provided to end users of Nokia customers, within contracts agreed with those customers.
 

Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world. 

Our recruitment process

We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.

If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.

The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia. 

Key Responsibilities

1. MBSS Hardening Control Design

• Architecture Analysis: Understand complex node architectures and design security controls across multiple dimensions, layers, and planes.
• MBSS Control Design Templates: Develop MBSS control design templates, including specific command collections and validation methods for different Node Types, Vendors, OS, and Software Versions. It serves a comprehensive technical guide for node hardening.
• Standards Alignment: Refer to industry security standards to review and update existing hardening guidelines continuously.
• OEM Collaboration: Work with Original Equipment Manufacturers (OEMs) to validate controls and obtain final sign-off for deployment.

1. MBSS Assessment Operations

• Large-Scale Compliance: Oversee quarterly compliance scanning for a landscape of 120,000+ nodes, supporting a 20% year-over-year growth.
• New Node Onboarding: Validate MBSS compliance for new nodes (targeting ~1,000 nodes/month) and provide security "Go-Live" approvals based on artifact submissions for all new nodes entering the production environment.
• Tool Liaison: Provide expert support to the MBSS tools team during First Node Implementation (FNI) and mass rollouts.

1. Governance & Compliance Closure

• Stakeholder Management: Lead weekly operational governance meetings with Client, Asset Custodians, LOB SPOCs, and Managed Service Partners (MSPs).
• Closure Tracking: Follow up and track the remediation of non-compliances as per a defined escalation matrix and timelines.
• Reporting: Deliver Monthly compliance reports and weekly operational governance summaries

Required Skills & Experience

1. Qualification:

   
   

• Bachelor’s Degree: B.E. / B.Tech in Computer Science, Information Technology, or Electronics & Telecommunications.

  
  

1. Certification:

   
   

• CISA (Certified Information Systems Auditor) /CISSP (Certified Information Systems Security Professional)

  
  

• C-SANS (GCWN / GCUX)

  
  

• Nokia/Cisco/Ericsson Network Certifications: Professional-level certifications (e.g., CCNP Security or Nokia NRS II) to understand the "Node Architecture" and "Command Collections" required for hardening templates.

  
  

• Cloud Security Certifications (CCSP / Azure Security Engineer): Necessary for designing MBSS controls for the "Cloud Estate" portion of the 120,000 nodes.

  
  

1. Experience Level: 12–15 Years

   
   

2. Technical Proficiency & Requirements

   
   

Category

Requirement

Hardening Expertise

Deep knowledge of CIS Benchmarks, NIST, and hardening for various OS/OEM Products (especially Telecom & IT). Proven experience in creating baseline standards for diverse Telecom & IT OEMs (Nokia, Ericsson, Cisco, Juniper, etc.)

Compliance at Scale

Previous experience of managing compliance for 50,000+ nodes using automated tools (e.g., BladeLogic, SolarWinds, or custom MBSS tools).

Telecom Infrastructure

Good hands-on understanding of working on Telecom Nodes (2G-5G Products) including architecture know how of Core, RAN, Tx & IP Fabric network & element architectures.

Process Excellence

Knowledge of ITIL processes for managing SOD (Sign-Off Design) requests and operational governance.

Governance

Ability to manage large-scale remediation projects across MSP and OEM environments. Experience of handling Tier 1 Customer Teams and various stakeholder management.