Cloud Automation Security and Continuity Lead
Nokia is committed to connecting people to what matters to them, giving them the power to make the most of every moment, everywhere, anytime. At Nokia, you have a personal opportunity in an inspiring environment to make a global difference. Build a career that you will be proud of. Go on an adventure every day. Help shape a new era in the mobile industry. It's your world. This is your moment to shape it.
The Cloud Automation Security and Continuity Lead is responsible for the overall security posture of Cloud Automation and Tooling infrastructure and services.
The Role
This role will primarily work across Cloud Automation and Tooling (CAT) teams to actively evaluate, report, repair, and automate the necessary level of security scanning and response in the Infrastructure operated by the CAT team.
The Security and Continuity Lead will also collaborate with R&D, Architects, Project Managers, and Data Center engineers in a virtual team and focus on automation and information sharing necessary to understand and respond to security risks in Cloud environments. This role will focus on the operational systems controlled by CAT and by extension the services hosted within the Cloud infrastructure.
Essential requirements include a background in network and systems security, proven history of driving projects independently, proven record of effective leadership in direct and virtual teams, as well as technical skill sufficient to evaluate and respond to risks related to hardware, network, as well as Linux and Windows hosts in Nokias Cloud infrastructure.
A major part of this role will involve working with key stakeholders who include Nokia IT, Cloud Computing Operations and Delivery (CCOD) Security Team, Technology Strategy Architecture teams, as well as the Service Operations teams responsible for individual services, in ensuring the infrastructure can adhere to 99.9% or higher uptime standards while still effectively policing the environment for security risks and issues. Both strong technical and strong customer-facing skills are important.
Key Responsibilities
- Work with CCOD Security team to ensure proper security scanning and reporting for Cloud Infrastructure components. This includes creating and distributing reports on security risks, status, and mitigation strategies.
- Work directly with CAT engineering groups to prioritize and actively resolve or recommend response to any detected risks.
- Work directly with R&D and Program teams to improve deployment practices and patch/update policies for specific services to avoid repetition of particular security issues.
- Coordinate and provide technical leadership to a virtual team of engineers and team leads responsible for defining and driving security standards across the Cloud Automation and Tooling teams.
- Drive new initiatives from inception to deployment leveraging the strengths within the team and the Agile methodology as implemented within the team.
- Report regularly on the level of work and staffing needs of the security reporting and response function within the Cloud Automation and Tooling group. Scope, recommend, and hire additional staff as needed and agreed with Director of Cloud Automation and Tooling.
- Actively create and collaborate with Monitoring teams on automated tests to ensure compliance with security standards.
- Actively create and collaborate with stakeholder teams to incorporate security controls into automated deployment tools.
Our culture is founded on openness, collaboration and honesty, with colleagues who are brilliant in their field, resilient, and above all, strive for the best. One team, where everyone makes a difference and everyone is heard. We care. Even in tough times. We are driven by a better tomorrow, not just by past success. We make great products and services for millions of people, positively improving their daily lives. We are on a path where simplicity and "thinking big" can lead to great things.
Qualifications
A successful candidate meets the following:
- Degree in Computing Science or equivalent experience
- 4 -9+ years experience in relevant software or internet service industry
- Operational background supporting high availability 24x7x365 environments
- Experience and understanding of internet Security concepts
- Connectivity Security: Encryption; Network security; Network topology
- OS security configuration and patching on Linux and Windows hosts
- Familiarity and ability to work within scripting and coding best practices, including one or more OO languages, code review, source control, demonstration, scrum, and continuous deployment.
- Strong analytical and strategic skills, ability to prioritize interrelated issues and work sequentially through large numbers of tasks at one time.
- Clear understanding of the lifecycle of software based services
- Excellent negotiation and communication skills, including documentation, reporting and information distribution at all levels of an organization
- Project management experience: proven ability to plan and track tasks and deliverables.
- Ability to succeed in a highly matrixed, virtual and international culture where change and speed are part of daily work
- Experience in Internet technologies : horizontally scaled systems, high-throughput services
- Multi-Data Centre & Service Continuity Management.
- Operating Systems: Red Hat Linux, CentOS, Windows Server
- Security scanning systems: Qualys, Nessus, others.
- Familiarity in working with monitoring Tools: Nagios, Cacti, Ganglia, BMC
- Understand server virtualization technology such as VMware open_vz, and kvm
- Experience with the implementation, and maintenance of kickstart server and yum update.
- Familiar with revision control systems (CVS, SVN); deployment tools (cfengine, Jenkins, chef)
- Experience integrating infrastructure with multiple existing systems such as log management, database, web service, cmdb, REST API, etc.
Post a Comment