Vulnerability Assessment - Penetration Testing Lead

The Vulnerability Assessment - Penetration Testing Lead is a senior technical leadership position responsible for identifying, evaluating, and neutralizing security vulnerabilities before they can be exploited. You will lead the advanced penetration testing read team and vulnerability management team across network infrastructures (5G/6G), cloud environments, and applications. 

Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we’re advancing connectivity to secure a brighter world. 

Our recruitment process

We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.

If you’re interested in this role but don’t meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.

The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia. 

• Design and lead end-to-end Vulnerability Assessment and Penetration Testing (VAPT) programs across various platforms.
• Conduct simulated adversarial attacks (Red Teaming) to evaluate the effectiveness of security operations and incident response.
• Oversee specialized security testing for telecom infrastructure, including SS7/Diameter, 5G Core, and IoT ecosystems.
• Implement AI-driven tools to transition from point-in-time testing to Continuous Threat Exposure Management (CTEM).
• Lead the selection and deployment of automated security scanning suites (e.g., Nessus, Qualys, Burp Suite, Metasploit).
• Integrate automated security tools seamlessly into the Continuous Integration/Continuous Delivery (CI/CD) pipeline.
• Translate critical and high-severity technical vulnerabilities into clear business risks for executive stakeholders.
• Collaborate with Business Operations and PMO teams to ensure effective prioritization and implementation of security remediation.

Must-Have Qualifications:

• Lead the design and execution of comprehensive Vulnerability Assessment and Penetration Testing (VAPT) programs across various platforms (network, web, mobile, API).
• Conduct Red Teaming exercises to simulate adversarial attacks and evaluate the effectiveness of SOC and incident response teams.
• Oversee specialized security testing for telecom infrastructure, including SS7/Diameter, 5G Core, and IoT ecosystem vulnerabilities.
• Lead the selection and deployment of automated security scanning suites (e.g., Nessus, Qualys, Burp Suite, Metasploit).
• Translate critical and high-severity technical vulnerabilities into clear business risks for executive stakeholders (CISO/Board).

• Partner with Business Operations and PMO teams to ensure effective prioritization and implementation of security remediations.

  
  

  Nice-to-Have Qualifications:

  
  
• Experience implementing AI-driven tools to transition from point-in-time testing to Continuous Threat Exposure Management (CTEM).
• Ability to integrate automated security tools seamlessly into Continuous Integration/Continuous Delivery (CI/CD) pipelines.
• Would you like to refine any of these points further?