Job Description
The GRC Expert in Managed Security Services (MSS) is a strategic leadership role responsible for ensuring that all security operations align with regulatory requirements, business policies, and risk management strategies. You will play a critical role in aligning security services with client business objectives, improving organizational security posture, and ensuring continuous compliance with telecom-specific frameworks.
How You Will Contribute And What You Will Learn
- Align Managed Security Services (MSS) with the global Telecom Cybersecurity strategy and establish comprehensive cybersecurity policies and frameworks.
- Communicate complex risk postures and compliance status to senior management and customers through clear dashboards and reports.
- Implement and manage robust risk management frameworks, such as ISO 31000 or NIST RMF.
- Develop and maintain a central risk register, tracking mitigation strategies and treatment plans across client environments.
- Lead security risk assessments and audits to proactively identify and remediate vulnerabilities.
- Develop and test strategies for incident response and business continuity to minimize service disruptions.
- Ensure strict adherence to industry standards including ISO 27001, NIST CSF, PCI-DSS, GDPR, and telecom-specific regulations.
- Utilize GRC tools (e.g., RSA Archer, ServiceNow GRC) to automate monitoring and streamline the audit lifecycle.
Key Skills And Experience
Must-Have Qualifications:
- Over 12 years of experience in Governance, Risk, and Compliance (GRC), with a minimum of 5 years specifically in Telecom or Managed Security Services (MSS).
- Deep technical fluency in telecom infrastructure, including MPLS, 5G, IoT, and SDN/NFV.
- Strong understanding of security technologies such as Firewalls, SIEM, and encryption.
- Bachelor's or master's degree in Computer Science, Information Security, or Telecommunication Engineering.
- Exceptional stakeholder management skills combined with strong analytical thinking.
- Demonstrated ability to translate complex technical risks into clear business impact for executive audiences.
Nice-to-Have Qualifications:
- Possession of professional certifications such as CISM, CISA, CISSP, or CRISC.
- Certification as an ISO 27001 Lead Auditor.
About Us
Advancing connectivity to secure a brighter world.
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we're advancing connectivity to secure a brighter world.
Learn more about life at Nokia .
Our recruitment process
We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.
If you're interested in this role but don't meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.
The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia .
About The Team
Some of our benefits:
- Flexible and hybrid working schemes
- A minimum of 90 days of Maternity and Paternity Leave, with the option to return to work within a year following the birth or adoption of a child (based on eligibility)
- Life insurance to all employees to provide peace of mind and financial security
- Well-being programs to support your mental and physical health
- Opportunities to join and receive support from Nokia Employee Resource Groups (NERGs)
- Employee Growth Solutions to support your personalized career & skills development
- Diverse pool of Coaches & Mentors to whom you have easy access
- A learning environment which promotes personal growth and professional development - for your role and beyond
