What you will learn and contribute to
NI is looking for an experienced cybersecurity professional to fill the role of Product Security Manager. In this role you will support various NI business functions, including Product R&D, Services, Customer Teams and Regional Business Centers (RBC’s) to drive enhancement and / or compliance to security & privacy requirements into different aspects of the NI business and evaluate the effectiveness of implemented security controls to mitigate, reduce, or eliminate risks related to Security & Privacy.
Knowledge on product security engineering and experience in security compliance assessment are prerequisites for this job.
Nokia DFSEC is based on both proactive and reactive security engineering. This includes understanding how to translate security controls sets into implementation requirements.
An understanding of software engineering and programming is a fundamental requirement for this role, because NI products, services and solutions are software based and product security begins with understanding design aspects that can introduce security risks.
Candidates should have knowledge and experience in conducting product security risk assessment, including use of threat and risk modelling and Privacy Impact Assessments using techniques and tools to successfully coaching teams to identify gaps, develop risk treatment plans or development roadmaps to address issues identified.
Experience in performing security vulnerability scanner-based product security assessments and analysis and remediation planning of findings is required.
Knowledge on the use of the DFSEC Compliance Tool and the Vulnerability Assessment and Management System tools are desired skills sets for this job.
This role will require knowledge of application security engineering and testing, secure software development practices and broad knowledge of application and network vulnerabilities, including how attacker types exploit them.
Configuring and running various types of security test tools (EG, Threat Modeler, SAST, DAST, Fuzz, Vulnerability, Security Hardening tool types), generating reports, communicating findings with development teams and negotiating remediation of issues are key components of the role.
You play a key role to promote Nokia standards and guidance for applying the Nokia DFSEC process, as well as collaborate with other Nokia security teams on continual improvement to these standards and guidance to build a stronger security culture across NI.
As a senior engineer you will help define and build NI security expertise, including NI specific security standards, guidelines and standard operating procedures and execute the targets of the security program across NI.
You will be a source of coaching and mentoring for security expertise within NI and Nokia.
Are you passionate about solving problems?
As part of our team, you will :
g., GDPR, NIST, CCPA, ANSSI, CSL etc.)
Your skills and experience
You have :
It would be nice if you also had :
Desired Industry Certifications :
ISC)2 Certified Information Systems Security Professional (CISSP)
What we offer
Nokia offers flexible and hybrid working schemes, continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.
Nokia is committed to inclusion and is an equal opportunity employer
Nokia has received the following recognitions for its commitment to inclusion & equality :
At Nokia, we act inclusively and respect the uniqueness of people.
Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.
Join us and be part of a company where you will feel included and empowered to succeed.