Security Risk Index - Lead, Noida

As a Security Risk Index - Lead, you will contribute to security assessments, risk indexing, and various global cyber security standards and frameworks viz ISO 27000, GDPR, NIS2, NIST, HIPAA, TSA, SOC2, ITU-T, 3GPP, CSA - CCM, ITIL, etc. HOW YOU WILL CONTRIBUTE AND WHAT YOU WILL LEARN You need to identify potential threats, vulnerabilities, and attack vectors, analyzing their impact on network operations and services.You are evaluating the effectiveness of existing security controls and recommend appropriate countermeasures for the network. You need to understand security requirements and develop tailored risk mitigation strategies for the telecom network. You need to ensure compliance with industry best practices, regulatory requirements, and Nokia's internal security guidelines specifically for the telecom network.You will assess the effectiveness of existing security controls and identify areas for improvement within the telecom network. You need to provide technical expertise and guidance related to security incidents affecting the telecom network. You need to do tailor training programs to the specific needs of personnel involved in managing and operating the telecom network.KEY SKILLS AND EXPERIENCE You Have: Bachelor's degree in computer science, Information Security, or Electrical Engineering, with a minimum of 10-15 years of experience in security risk assessment, vulnerability management, or a related field within the telecom industry. Experience in security principles, methodologies, and best practices specifically relevant to telecom networks.Experience with security frameworks such as ISO 27001, NIST Cybersecurity Framework, or similar, with a focus on their application to telecom networks. Experience in conducting threat modeling, vulnerability analysis, and impact assessments for telecom network infrastructure. Experience with network security technologies such as firewalls, intrusion detection systems, VPNs, and network segmentation.Familiarity with telecom protocols and standards (e.g., SS7, Diameter, SIP) and their security implications. It would be nice if you also had: Certifications - ISO 270001 LA/LI, CISA , ITIL V3/4. Exposure to complex problem-solving and manage multiple projects simultaneously.