Security Risk and Compliance Expert

Job Description

Come create the technology that helps the world act together Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work. The team youll be part of The Strategy & Technology function lays the path for Nokia s future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company s strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.You will be part of Group Security team within Strategy & Technology. We own Nokia-wide security policies, programs, management testing and reporting. We partner with various stakeholders to identify security requirements, trends and evolving risks, and act as an advisor to our customers, Business Groups, and other stakeholders in various security related matters. These include Nokia s security culture, processes, systems, products, and services to position Nokia as a trusted partner for 5G era and beyond. Job description We are looking for a Security Risk and Compliance Expert who can take responsibility for the oversight and day-to-day operation of the compliance and risk management within the domain of Service Security. This is to enhance the security of Nokia services provided to our customers.Key accountabilities include:
• Establish, operate, and further develop compliance and risk management processes for Nokia services in alignment with Group Security frameworks and business processes
• Conduct compliance assessments against ISO/IEC 27001 standard and Nokia s information security framework
• Support and validate security self-assessments conducted by Nokia services
• Ensure all compliance findings and risk records are tracked and addressed by the involved teams and stakeholders
• Help Nokia services teams to mitigate non-compliance issues and related security risks
• Create, communicate, and present compliance and risk reports to different stakeholders within the Group Security and Business Groups
• Actively contribute to the development of Nokia Service Security.
Qualifications:
• 7+ years of experience in information security risk and compliance management and/or related functions (such as IT audit and IT risk management) in a large multinational organization
• Direct experience of ISO/IEC 27001 implementation and audit projects
• Advisory skills to guide the organization towards compliance with information security requirements
• Experience in gathering of metrics and reporting to all levels within the organization
• Ability to implement workflows that support business processes and reduce overhead
• Solid understanding of cyber security operational processes and technologies
• Ability to establish and manage relationships across Nokia service organizations
• Excellent documentation and reporting skills for management communication
• Fluency in English
• Education: Master s or bachelor s degree in computer science, security engineering or equivalent.
It would be nice if you also had:
• Experience with RSA Archer or other Governance, Risk and Compliance (GRC) tools
• Experience with Power BI or other data analytics and reporting tools
• Experience with telecommunications industry
• Certifications or the ability and motivation to work toward obtaining similar certifications (non-exhaustive):
  • CISM, CISA, CISSP, CRISC.
  • ISO 27001 Lead Auditor, Lead Implementer
What we offer Nokia offers flexible and hybrid working schemes, continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered. Nokia is committed to inclusion and is an equal opportunity employer Nokia has received the following recognitions for its commitment to inclusion & equality: - One of the World s Most Ethical Companies by Ethisphere - Gender-Equality Index by Bloomberg - Workplace Pride Global Benchmark - LGBT+ equality & best place to work by HRC Foundation At Nokia, we act inclusively and respect the uniqueness of people. Nokia s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect. Join us and be part of a company where you will feel included and empowered to succeed.Additional Information,

Keyskills :
it riskit auditpower bisecurity riskdata analyticscyber securityrisk managementcomputer scienceinformation securitysecurity engineeringcompliance management