Family Description
Customer Services (CS) covers customer service in different areas such as technical support, account support, operations, maintenance, network design / deployment / integration / transformation, and education. Generates revenue and the increase of customer satisfaction through planning, designing, deploying, integrating, optimising, operating, and maintaining phases.
Subfamily Description
Managed Services (MSE) is responsible for keeping the network running and proposing / conducting network upgrades based on business requirements. Covers technical managing and operating of agreed components of IT and telecommunications services provided to end users of Nokia customers, within contracts agreed with those customers.
Key Responsibilities
HOW YOU WILL CONTRIBUTE AND WHAT YOU WILL LEARN
- Discovery & Automated Scanning, Vulnerability Closure & Follow-up
- Continuous Asset Discovery: Run quarterly and ad-hoc scans to identify active IPs, hostnames, and services across the IPv4/IPv6/Cloud estate.
- Vulnerability Scanning: Configure and manage automated tools (Nessus, Qualys, or Rapid7) for large-scale infrastructure and application scanning.
- False Positive Analysis: Critically review automated outputs to filter out noise and prioritize actionable risks.
- Stakeholder Management: Collaborate with DevOps, Network Engineers, and Telecom Ops to explain technical risks.
- Remediation Tracking: Actively follow up on the closure of identified gaps, ensuring they are fixed within the agreed-upon SLAs.
- Re-testing: Conduct thorough validation scans/tests to ensure that implemented fixes are effective and haven't introduced new issues.
- Infrastructure & Application Penetration Testing
- Infrastructure Pen-testing: Conduct deep-dive manual testing on servers, network devices, and database configurations.
- Web & Mobile App Security: Perform DAST (Dynamic) and manual testing on web apps and APIs (OWASP Top 10) and mobile applications (OMTG).
- Segmentation Testing: Verify the effectiveness of VLAN/Firewall isolation between Enterprise and Telecom Core networks.
- Red Teaming & Adversary Simulation
- Assume Breach Execution: Lead end-to-end simulations starting from a compromised Nokia Assume Breach machine to map internal topology.
- Complex Attack Chains: Execute lateral movement, privilege escalation (local to root/domain admin), and persistence using TTPs mapped to the MITRE ATT&CK framework.
- Evasion & Stealth: Develop custom C2 (Command & Control) channels to bypass perimeter defenses and exfiltrate data without triggering SOC alerts. Test the bypass of EDR, Antivirus, and WAF controls.
- Telecom Core Targeting: Conduct specialized attacks against OSS/BSS, HLR, VLR, and MSC systems to demonstrate risks to subscriber data and call routing.
- APT Simulation: Replicate real-world adversary TTPs (Tactics, Techniques, and Procedures) using the MITRE ATT&CK framework.
- Attack Surface Management (ASM):
- Monitor for Shadow IT and exposed digital assets.
- Manage automated black-box reconnaissance to identify Shadow IT, leaked credentials, and exposed IPv4/IPv6/Cloud assets.
- Dark Web Management
- Dark Web Intelligence: Monitor forums, paste-sites, and messaging channels for leaked Telecom data (CDRs, MSISDNs, IMEIs) or mentions of Airtel-specific threats.
- Dark Web Monitoring: Proactively hunt for leaked telecom-specific data (CDRs, MSISDNs, IMEIs) and leaked credentials.
- Risk Prioritization: Analyze ASM tool outputs to stack-rank vulnerabilities based on business impact and exploitability.
- Technical Mentorship & Reporting
- Gap Analysis: Evaluate the Detection Time and Reaction Time of the Blue Team/Incident Response teams during exercises.
- Executive Deliverables: Produce high-quality Proof-of-Concepts (PoCs) and remediation roadmaps for technical and non-technical stakeholders.
Key Skills And Experience
Required Skills & Experience
- Experience: 9+ Years in Offensive Security / Red Teaming within a Telecommunications or ISP environment.
- Certifications: OSCP (Minimum), OSEP, OSWE, or CRTP (Certified Red Team Professional).
- Methodology: Expert knowledge of the MITRE ATT&CK framework and NIST security standards.
- Technical Proficiency:
Category
Specific Expertise Required
Exploitation
Kerberoasting, Pass-the-Hash, Golden Ticket, PowerShell/Bash scripting, and EDR bypass.
Telecom Protocols
Foundational knowledge of
SS7, GTP, and Diameter
(coordinated with quarterly telecom exercises).
Infrastructure
Deep understanding of Network Segmentation, Active Directory, and NOC/SOC workflows.
Tools
Burp Suite, Cobalt Strike/Sliver, Metasploit, Nessus, and ASM platforms.
OSINT
Advanced reconnaissance using automated tools and manual deep-web search techniques.
About Us
Advancing connectivity to secure a brighter world.
Nokia is a global leader in connectivity for the AI era. With expertise across fixed, mobile and transport networks, powered by the innovation of Nokia Bell Labs, we're advancing connectivity to secure a brighter world.Learn more about life at Nokia .
Our recruitment process
We act inclusively and respect the uniqueness of people. Our employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law. We are committed to a culture of inclusion built upon our core value of respect.If you're interested in this role but don't meet every listed requirement, we still encourage you to apply. Unique backgrounds, perspectives, and experiences enrich our teams, and you may be just the right candidate for this or another opportunity.The length of the recruitment process may vary depending on the specific role's requirements. We strive to ensure a smooth and inclusive experience for all candidates. Discover more about the recruitment process at Nokia .
About The Team
Some of our benefits:
- Flexible and hybrid working schemes
- A minimum of 90 days of Maternity and Paternity Leave, with the option to return to work within a year following the birth or adoption of a child (based on eligibility)
- Life insurance to all employees to provide peace of mind and financial security
- Well-being programs to support your mental and physical health
- Opportunities to join and receive support from Nokia Employee Resource Groups (NERGs)
- Employee Growth Solutions to support your personalized career & skills development
- Diverse pool of Coaches & Mentors to whom you have easy access
- A learning environment which promotes personal growth and professional development - for your role and beyond
