You’ll join the fast-growing organization Managed Security Services, leading the Security Services delivered by Nokia and dedicated to securing critical infrastructure against modern-day security threats, including disruptive technologies such as Cloud, IoT, virtualization, 5G, etc.
As part of the Managed Security Services Business Line, you’ll be able to get involved in a deliverable-based role and contribute to the success of the business.
Job summary
Nokia is looking for a technically sound subject matter expert (SME) to lead the design, development, testing and delivery of use cases for the detection of and response to cyber threats in complex IT and Telecom environments. To be successful, the candidate should have a strong understanding of information security, threat modelling, threat detection, automated response, and the corresponding commercial and open-source solutions and products (e.g., EDR, SIEM, SOAR, etc.).
Deliverables and activities the SME will assist with, either directly or in support of the business line:
- Design, development, testing (in a lab environment) and delivery of end-to-end cyber security use cases to enhance the detection and response capabilities of the security operations center (SOC) with multivendor SIEM, SOAR, etc.
- Build a library of risk-driven cyber-attack scenarios, covering the entire kill chain (i.e., reconnaissance, weaponization, delivery, etc.), with clear identification of threats, vulnerabilities, business impact, likelihood, approach, use cases, scenarios, rules, remediation workflows or cyber playbooks.
- Support as SME for cyber managed detection and response, for one or more of the following domains: IT, Telecom Core Network and Telecom Radio Access Network (RAN).
- Deep experience and knowledge of emerging 3GPP security requirements (e.g., 4G, 5G, etc.), ITU-T X.805, ISO27001, NIST, MITRE ATT&CK framework, and related standards (optional, but with a willingness to learn).
- Support in integrating existing commercial and open-source threat detection and response solutions (e.g., EDR, SIEM, SOAR, etc.).
- Create technical documentation and presentations, and deliver competence development materials and training to relevant key stakeholders.
Technical Competencies:
- Master’s or bachelor’s degree in computer science or a related field such as cyber security or computer forensics, or 7+ years of relevant experience.
- Minimum of 5 years of relevant experience in the cybersecurity domain of managed detection and response (MDR).
- Understanding and working knowledge of SOC technologies such as SIEM, SOAR, EDR, etc.
- Experience with SIEM tools, in terms of scripting, tuning and optimization of threat detection rule sets.
- Experience with SOAR tools, in terms of scripting, tuning and optimization of threat response playbooks and workflows.
- Knowledge of the MITRE ATT&CK framework and the TTPs used in various types of attacks (preferable).
Soft Skills:
- High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
- High degree of initiative, dependability, and ability to work with little supervision while being resilient to change.
- Excellent written and verbal communication skills, interpersonal and collaborative skills.
- Must be a critical thinker, with strong problem-solving skills.
Nice to Have:
- Knowledge of Telecom communications technologies (Core and/or RAN), security protocols, 3GPP security requirements, ITU-T X.805, ISO27001, NIST, and related standards.
- Professional security management certifications are highly desirable, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and any SIEM-related certification (e.g., Splunk, QRadar, LogRhythm, or other leading SIEMs).