Security Risk and Compliance Expert Amadora

Security Risk and Compliance Expert
Amadora
Amadora, Lisboa, Portugal

Join to apply for the Security Risk and Compliance Expert role at Nokia

5 days ago Be among the first 25 applicants

Job Description

The Security Risk and Compliance Expert is responsible for implementing and operating the global Information Security Management System (ISMS) of Nokia. This person will support Nokia Business Groups and Corporate Functions in identifying, evaluating, managing, and reporting their information security risks to enhance overall security and compliance of services provided to customers.

How You Will Contribute And What You Will Learn

• Facilitate information security control implementation and conduct risk assessments with global stakeholders
• Review and recommend security risk mitigation strategies
• Maintain and develop the information security risk register
• Track, report, and present risk assessment and mitigation progress
• Collect data for Key Performance Indicators (KPIs) to measure ISMS effectiveness
• Maintain repository of ISMS reports, evidence, and audit records
• Develop and deliver trainings on ISMS practices
• Develop, review, and update ISMS related documentation
• Contribute to the continuous development of Nokia ISMS and related tools
• Stay updated with emerging security trends, threats, and best practices

Key Skills And Experience

• 5+ years of experience in information security or related functions in a multinational organization
• Practical knowledge of ISO/IEC 27001:2022 standard implementation
• Solid understanding of information security processes and technologies
• Ability to manage complex activities in a global and diverse business environment
• Advisory skills to guide the organization towards compliance with information security requirements
• Excellent documentation and communication skills
• Fluency in English
• Motivation to learn new skills
• Education: Master’s or bachelor’s degree in computer science, security engineering, or equivalent

Preferred Qualifications

• Knowledge of other security standards, regulations, and best practices (e. g. , CSA CCM, NIST CSF, NIS2, SOC2)
• Experience with delivering information security training
• Experience in the telecommunications industry
• Experience with RSA Archer, Microsoft Power BI, or other GRC/data analytics tools
• Certifications such as CRISC, CISSP, ISO 27001 LI/LA

About Us

Nokia is committed to innovation and technology leadership across mobile, fixed, and cloud networks. Your career here will positively impact lives and help build a sustainable, inclusive world. We foster an inclusive culture where new ideas are welcomed, risks are supported, and authenticity is valued.

What We Offer

Continuous learning,
- being programs, employee resource groups, mentoring, and diverse teams in an inclusive environment where people thrive and succeed.

Our Commitments

Nokia is an equal opportunity employer, recognized for its commitment to inclusion and equality, including awards from Ethisphere, Bloomberg, and Workplace Pride. We respect and value the diversity of our people and make employment decisions regardless of personal characteristics.

About The Team

Strategy and Technology shapes Nokia’s future through innovation, research, and support infrastructure, setting the company's strategy and technological vision.

Additional Details

• Seniority level: Not Applicable
• Employment type: Full-time
• Job function: Information Technology
• Industries: IT Services, IT Consulting, Telecommunications