Third Party Security Expert

**Come create the technology that helps the world act together**

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.

We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work.

**The team you'll be part of**

Strategy and Technology lays the path for Nokia’s future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company’s strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.

Part of Strategy & Technology, Group Security is Nokia’s central knowledge center responsible for Nokia’s cyber security policies and standards, the cyber security architecture and roadmap, and the monitoring, alerting of security incidents. We partner with the Nokia Business Groups and Central Functions on product security, customer security, and interact with governments on security regulations. Together we take care of Nokia’s security culture, processes, systems, products and services to position Nokia as a trusted partner for the 5G era and beyond.

For this position you’ll be part of Group Security** Business Security** team working as a Third-Party Security Analyst and will be interacting with Nokia’s Business Groups, Central Functions and Nokia’s Suppliers.

**What you will learn and contribute to**

Third parties play a critical role in supporting key business functions and sharing information with them is an essential part of the daily operation. By doing so, the chance that a threat event will be initiated successfully increases and inappropriate controls at the third-party side might impact the viability of Nokia business.

The Third-Party Security Analyst will work with the business stakeholders to determine the present risk level of third parties. Additionally, supports third parties to improve their security posture by setting the standard which risk is acceptable and defining remediation actions.

As part of our team, you will:

- Offer security expertise in line with the latest threats’ knowledge.
- Support the business teams and central functions teams in becoming compliant with the Nokia Security Policies.
- Identify security needs of the business teams and propose suggestions for improvement and prepare the necessary steps so that these needs can be timely addressed.
- Validate security controls proposed by the business teams and IT or Nokia suppliers.
- Create a close relationship with the business counterparts.
- Understand the actual security posture of the Third Parties.

**Your skills and experience**

The Third-Party Security Analyst shall meet the following requirements:

- Understanding of an IT operational environment.
- Ability to convey technical security concepts to non-technical audience.
- Compliance, assurance and security expertise at an enterprise and global scale.
- Strong knowledge of ISO/IEC 27001; ISO/IEC 27002; ISO 31000; NIST CSF; COBIT 5; CIS Controls ver. 7 and ISF The Standard of Good Practice for Information Security.
- Minimum of 2 years of experience of working in security environment.
- Degree in computer science or related technical field. Cybersecurity, information assurance or information security specializations are a bonus.
- Proficient in English.

It would be nice if you also had:

- Knowledge of network security, networking concepts and architectural implementations.
- Knowledge on vulnerability management & the capability to define mitigations.
- Data analytics technologies & methodologies and reporting techniques.
- Certified in Information Systems Risk Management (CRISC)
- or the ability to work toward obtaining certifications related to the role of Third-Party Security Analyst.

**What we offer**

Nokia offers flexible and hybrid working schemes, continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

**Nokia is committed to inclusion and is an equal opportunity employer**

Nokia has received the following recognitions for its commitment to inclusion & equality:

- One of the World’s Most Ethical Companies by Ethisphere
- Gender-Equality Index by Bloomberg
- Workplace Pride Global Benchmark
- LGBT+ equality & best place to work by HRC Foundation

At Nokia, we act inclusively and respect the uniqueness of people.

Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, a