Nokia Application Security Professional 

Portugal 

880533866

The(CDC) is looking for antaking up responsibilities in the Operations and Compliance Team.

The CDC OC Application Security team mission is to ensure identification and manage inventory of critical assets and executing the required assessments to ensure Confidentiality, Integrity and Availability on Nokia Applications.

As a daily mission, the Application Security Professional will:

• Initiate and follow with Application Owners the defined processes for:
  • Data Classification.
  • Application Security Compliance Questionnaires.
• Ensure correct inventory of applications is maintained and the respective data classification.
• Launch and review E2E execution of Program processes.
  • Review evidence and results from Application Security Compliance Questionnaires.
  • Ensure that Data Classification is properly identified and associated with respective assets.
  • Tracking the findings/non-compliances and follow up remediation's with the respective Application Owners with the objective of ensure compliance to the relevant Nokia’s security policies and operational process for the application domain.
• Support the overall Governance with IT and Business Groups stakeholders
• Reporting the overall Application Security Domain status to All the relevant stakeholders including management and Business Group Security partners.
  

The ‘Application Security Professional is required to have the following Key Competencies:

• Experience of Security Controls and techniques, including Authentication, authorization, encryption, logging, and application security testing, etc.
• Experience of security risk management and cybersecurity domain.
• Experience in Enterprise Architecture and Data Governance practices
• Knowledge of common information security management framework and standards
  • Aware of IT policy, SOX, NSA, GDPR, ISO 27001, Data Privacy requirements.
• Knowledge and understanding of relevant legal and regulatory requirements.
• Familiar with Public Cloud, Cloud-based and AI applications, and deployment models
• Strong Gap Analysis & Security Audit Skills.
• Knowledge of application security including OWASP.

In the overview below, a series of requirements or expectations are listed. This overview is not to be considered as a need-to-have for all but, in the case a particular expectation cannot be met, it is expected that the applicant is aspiring to (eventually) fulfill the expectation

• BSc or MSc (preferred) degree in computer science or related technical field.
• Have +7 years of experience in cyber security (or equivalent by education and/or interest);
• Having practical/hands-on experience on Application Security or as a Security Architect.
• Experience with GRC and ITSM tools and processes.
• Be able to work in a standalone way with a minimum of guidance and oversight.
• Be fluent in English (oral and written) and engage with discussions with other stakeholders in the organisation.
  

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark