Security Architect

As a Security Architect, Technology & AI unit (TAO) lays the path for Nokia’s future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company’s strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.

Part of Technology & AI, Group Security is Nokia’s central knowledge center responsible for Nokia’s cyber security policies and standards, the cyber security architecture and roadmap, and the monitoring, alerting of security incidents. We partner with the Nokia Business Groups (BGs) and Central Functions on product security, customer security, and interact with governments on security regulations. Together we take care of Nokia’s security culture, processes, systems, products and services to position Nokia as a trusted partner for the 5G/ 6G era and beyond. 

Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world. 

Our recruitment process

We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.

If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.

The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia. 

• Identify & understand Nokia’s threat landscape and main security risks using several Threat Intelligence Sources as well as support various IT & Business Digitalization Programs
• Define the target security solution architecture and corresponding security architecture requirements remediating the identified threats, vulnerabilities, and security risks.
• Technically define, test & validate security controls integrated into IT & Business Digitalization Programs
• Technically assess & vet (new) Nokia Solution Offerings (CNS SaaS, NDAC, RXRM, AIMS,…) and provide recommendation on how to effectively further harden these solutions. 
• Support various Nokia IT & BG teams in advising on security best practices to ensure that Nokia’s critical assets & data always remain fully protected & secure (support in new supplier contract negotiations, support on merger & acquisitions activities, etc…).
• Act as Trusted Security Advisor towards your peers and other Nokia stakeholders in TAO, BG’s and other central functions across various security domains (Zero Trust Network Architecture, evolution to IPv6, IAM, secure Network & Application Segmentation, cloud & network security, application security, AI technologies, Software Security, Security Automation, Data Security, BC/DR & Cyber Resiliency, malicious attack types & penetration testing techniques…)
• Detect security flaws in existing digital solutions and provide recommendations on how to overcome these findings in a secure and cost-efficient manner by performing pro-active security architecture assessments and by staying abreast of new attack tactics and techniques.
• Define & introduce new innovative security solutions into Nokia’s Corporate Infrastructure.  This effort encompasses activities like strategic solution thinking, solution budgeting, solution presentations, solution design, solution testing & validation, solution delivery

Must-Have:

• Three to five years of security architecture experience, including auditing, security compliance testing, project risk management, security, or other internal controls.
• Solid & demonstrated experience in organizing teams, establishing priorities, and leading IT- & Business-related security projects.
• Able to work independently as well as in a team in a fast-paced environment and with demonstrated track record for completing work in a timely and organized fashion.
• Able to facilitate good stakeholder management in business or IT projects is a must, including outstanding written, verbal, and oral communication skills.
• Solid knowledge of current and future (information) security technologies, including business processes, data, applications, and network and systems infrastructure.
• This role acts in a transformational environment from traditional IT to digital cloud-based. Developments, in a variety of DevOps & agile structures.      In depth understanding of these technologies and development methodologies is essential
• Experience in the design, implementation, and administration of multi-cloud security testing environments such as Azure, GCP, and/or AWS
• Capable of modeling threats & risks using standard frameworks (MITRE, STRIDE, Kill-Chain,…)
• Being familiar with NIST standards and other relevant security frameworks
• Good scripting knowledge (such as Java, C, python, PowerShell, Ansible)
• Relevant security certifications (CISSP, CISM, CEH, GPEN, OSCP) are considered as a plus.

Nice-to-Have

• Passionate about technology and information security
• Strong and creative problem-solving abilities
• Highly self-motivated and self-directed
• Comfortable in fast-paced, ever-changing environments with ability to successfully translate diverse and complex ambiguities into actionable plans
• A team player – even when working in a virtual team – with a strong customer focus
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Be convincing – including when working with remote teams
• Pro-Active – don’t await taking action when identifying a security need