Senior Penetration Tester / ASTaR

Family Description

Strategy and Technology lays the path for Nokia’s future technology innovation and identifies the most promising areas for Nokia to create new value. We set the company’s strategy and technology vision, offer an unparalleled research foundation for innovation, and provide critical support infrastructure for Nokia.

The Advanced Security Testing and Research (ASTaR) lab is part of Nokia's central security organization. ASTaR is focused on advanced security testing and threat research for 5G and future generation networks. It operates a dedicated security lab and works closely with Nokia's product lines and R&D community.

 

As part of our team, you will:

• Research and evaluate advanced attack vectors for 5G and future generation networks
• Conduct penetration tests and advanced security verification on various network functions
• Brief product management and R&D teams about security weaknesses detected during testing
• Participate in operating and maintaining the security lab
• Train Nokia's security community on advanced attacks and threat actors
• Support Nokia's Product Security Incident Response by evaluating the impact of 3rd party vulnerabilities on our products.
• Occasionally assist Nokia's security response community in analysing complex network security incidents

 You have:

•  Significant experience of security testing network functions / network appliances, including testing non-standard/non-web protocols and interfaces.
•  Experience of fuzzing, protocol analysis, DAST and API security testing.
•  A Bachelor's degree coupled with relevant professional certifications (GXPN, OSCP, LPT, CEH) or equivalent knowledge level.

 

It would be nice if you also had:

• An understanding of 5G network architecture (key network functions and methods of communication between them) 
• Knowledge of containers (docker, kubernetes), HTTP/2 and REST APIs with various payload formats (JSON, XML)
• An analytic white hat hacking mindset
• Capability to distil complex technical topics (improving the signal-to-noise ratio in a growing sea of security threats)
• Good skills in preparing and giving presentations on security findings to technical and non-technical audiences
• System administration experience

 

Come create the technology that helps the world act together

Nokia is committed to innovation and technology leadership across mobile, fixed and cloud networks. Your career here will have a positive impact on people’s lives and will help us build the capabilities needed for a more productive, sustainable, and inclusive world.
We challenge ourselves to create an inclusive way of working where we are open to new ideas, empowered to take risks and fearless to bring our authentic selves to work

What we offer
 
Nokia offers continuous learning opportunities, well-being programs to support you mentally and physically, opportunities to join and get supported by employee resource groups, mentoring programs and highly diverse teams with an inclusive culture where people thrive and are empowered.

Nokia is committed to inclusion and is an equal opportunity employer

Nokia has received the following recognitions for its commitment to inclusion & equality:

• One of the World’s Most Ethical Companies by Ethisphere
• Gender-Equality Index by Bloomberg
• Workplace Pride Global Benchmark

At Nokia, we act inclusively and respect the uniqueness of people. Nokia’s employment decisions are made regardless of race, color, national or ethnic origin, religion, gender, sexual orientation, gender identity or expression, age, marital status, disability, protected veteran status or other characteristics protected by law.
We are committed to a culture of inclusion built upon our core value of respect.

Join us and be part of a company where you will feel included and empowered to succeed.