Nokia SBC Vulnerability Mgmt Engineer 

Poland 

426732192

In orderto support strategic organization initiatives, the

Key Responsibilities / Functions:

• Conduct regular vulnerability assessments and security audits on software applications, based on scans, reports and notifications (both internal and customer provided)
• Analyze and report on security vulnerabilities, including CVE assessments
• Provide remediation guidance, including creating relevant documentation and reports
• Collaborate with development teams for vulnerability impact assessments and defining mitigation plans
• Develop or enhance tools / scripts to ease / automate performing the role
• Stay updated with the latest security threats and vulnerability trends relevant to the telecom industry.
• Representing R&D internally and externally in the respective area.

Required Minimum Qualifications/Competencies

• Bachelor's Degree: In Computer Science, Information Technology, Cybersecurity, or a related field.
• Experience: Several years of experience in software development, cybersecurity, or a related IT field including 3-5 years in security-focused roles.
• Vulnerability Assessment Tools: Experience with tools like Nessus, Qualys, Anchor or other vulnerability scanning software and related tools.
• CVE Score Assessment: Ability to assess and analyze CVE scores to prioritize vulnerabilities based on their severity and potential impact.
• Security Standards and Frameworks: Knowledge of frameworks such as NIST, ISO 27001, and OWASP.
• Programming/Scripting: Familiarity with programming languages (e.g., Python, C++, Java) and scripting for automation tasks.
• Networking Knowledge: Understanding of network protocols, architecture, and security practices relevant to telecom infrastructure.
• Operating Systems/Platforms: Experienced in Linux, virtualization, k8s, docker and other platforms commonly used in telecom environments.
• Analytical Skills: Ability to analyze vulnerabilities and their potential impact on the organization.
• Problem-Solving: Strong problem-solving skills to address more complex security issues.
• Communication: Excellent verbal and written communication skills to report vulnerabilities and collaborate with various teams.
• English as working language

Desired / Additional Qualifications/Competencies:

• Security Certifications: Certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) may be beneficial.
• Specific Telecom Certifications: Familiarity with industry-specific certifications can be advantageous (e.g., TM Forum, 3GPP standards).
• Familiarity with DevSecOps practices may be preferred for roles involving CI/CD environments.
• Understanding of regulatory compliance and standards specific to the telecom sector would be a plus

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark