Senior Cloud Security Engineer (SecDevOps)

Job Description

About Nokia CNS SaaSWhile SaaS is on fire in the general marketplace, it s just beginning to emerge in the telecommunications sector. SaaS is important to us, not only because the market demands it, but because it produces a predictable and steady revenue stream. Our mandate is to drive Nokia s adoption of this lucrative business model, leading communications service providers (CSPs) to new opportunities and profit. SaaS will eventually encompass our industry and we need to be in front of this tectonic shift to capitalize on the first-mover advantage. We lead the Software-as-a-Service revolution in the Communications and Media industry through disciplined execution and high integrity, building on Nokia s heritage as the premier industry thought leader and trusted technology partner to Communications Service Providers and Enterprises.We create technology that helps the world act together by delivering innovative and contemporary Software-as-a-Service products, enabling Nokia customers to rapidly deliver new and profitable communications services to their respective markets. As Nokias growth engine, we create value for communication service providers and enterprise customers by leading the transition to cloud-native software and as-a-service delivery models. Our inclusive team of dreamers, doers and disruptors push the limits from impossible to possible.What you will learn and contribute toThe Nokia CNS Advanced Technology Group SaaS Acceleration team is hiring for designing and creating software, infrastructure, automation, processes and policies, and championing their adoption across Nokia CNS Advanced Technology Group to help us defend cloud infrastructure and SaaS applications for services delivered through a centralized SaaS Delivery and Operations framework.Job Responsibilities & Competencies

• Provide leadership in the areas of Vulnerability Management, AST (Application Security Testing), Application Security, SSDLC (Secure Software Development Life Cycle), Data Analysis of security monitoring outputs, coordination of remediation patching, working with Development Teams and other daily Security and Compliance efforts.
• Design, implement, support and evaluate security-focused tools into our CI/CD pipeline, including AST tool oversight.
• Assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions.
• Plays a critical role in providing technical support for day-to-day security operations, security tool integration, automation support, change management and business continuity program.
• Assist in defining security requirements and review of system to determine if they have been designed to comply with established security standards. Develop new policies and Standard Operation Procedures as necessary.
• Design, engineer, operationalize and maintain the secure systems which support continuous deployment/integration solutions with strong focus towards innovation.
• Analyze software design documents from a security standpoint and perform threat assessment for the developed cloud-native platform.
• Identify, integrate, monitor and improve security controls by understanding business processes.
• Implement secure software development measures into CI/CD pipelines in collaboration with development teams.
• Implementation of solution for monitoring the health of various applications and security appliances.
• Development of alerting infrastructure based on critical system resources to ensure a near zero downtime.
• Conduct regular Vulnerability Assessments and Penetration Tests. Support External/Internal Audits and security assessment requests. Help remediate the findings and implement improvement measures.
• Scheduled maintenance activities to keep the infrastructure components robust with latest patches and updated versions of software running in the infrastructure stack.
• Evaluate, select, implement and maintain security tools, infrastructure, and automation.
• Advise teams on developing pragmatic solutions that achieve business requirements to maintain acceptable levels of risk.
• Manage the security bug backlog with development teams.
• Perform other job related duties as requested.

Your skills and experienceYou have:

• Bachelors degree in Information Security, computer science, business, or a related field, or equivalent in experience and expertise.
• Industry Certifications such as CISSP, GPEN, GXPN, OSCP, GCIA, GSEC, GREM.
• Cloud Security Certifications like CCSP, CCAK, CCSK, AWS Certified Security Specialty is preferred.

It would be nice if you also had:

• Knowledge and expertise in a myriad of Information Security Solutions across cloud and IT security.
• Minimum 5 years of experience in designing and maintaining enterprise infrastructure solutions, project life cycle activities on development and maintenance projects. Including CI/CD and tools development.
• Must have experience working with Developers, DevOps, Engineering and Compliance teams in a dynamic environment to promote/implement the SecDevOps program throughout the organization.
• Experience with the maintenance of mission-critical enterprise security applications (such as NGFW, AV, DLP, log management and other technical controls).
• Experience in Agile development to incorporate CI/CD (Continuous Integration / Continuous Delivery) utilizing technologies such as GIT, Azure DevOps, Maven, Helm, Crucible.
• Must be able to work within environments like: Jenkins, Docker, Java, Python, Jinja, Ruby, Perl, Bash, Scripting YAML, SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing).
• Experience working with AST (Application Security Testing) tools and their integration into the CI/CD pipeline.
• Familiarity with API Security, Container Security, AWS Cloud Security best practices.
• Experience configuring, implementing and leveraging computer security and networking diagnostic/monitoring tools.
• Knowledge of Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
• Experience with Kibana and Elastic search for logging and developed plugins, codecs for specific use cases.
• Experience with monitoring tools such as Grafana, alerting tools such as Prometheus, data collection such as Fluentd.
• Experience with Configuration management tools such as Git Implementation of automation using scripting languages such as Python, Bash, etc
• Experience with variety of operating systems, Cloud Data Platforms (AWS, Azure, GCP) and Cloud Computing (SaaS, PaaS, IaaS).
• Excellent analytical, interpersonal and English communication skills both oral and written.
• Strong customer centric mindset.
• Proactive sense of urgency and can do attitude.
• Telcom experience is a plus.
• Strong problem solving and debugging skills.
• Self directed/self motivated.
• Result oriented with a hands-on mindset.
• Ability to convey and explain complex technical information to non-technical staff.

What we offerNokia offers flexible and hybrid working schemes, continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.Nokia is committed to inclusion and is an equal opportunity employerNokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark
• LGBT+ equality & best place to work by HRC Foundation

At Nokia, we act inclusively and respect the uniqueness of people.,

Keyskills :
firewallnetworkingpenetration testingproject life cyclecore networkdata analysiselastic searchcloud securitylog managementsecurity toolscloud computingdata collectionsoftware design