Salary Range: 120000 to 145000 (Currency: USD) (Pay period: per-year-salary)

Skills & Competencies:

• In-depth knowledge of common security challenges such as DDoS attacks and insider threats, along with familiarity with network security appliances and technologies for effective monitoring and management.
• Research and develop new approaches and countermeasures for emerging security threats to wireless systems
• Strong knowledge of 5G NR, LTE, IP, Ethernet, and relevant RAN architectures, with a focus on C-RAN/O-RAN protocols​ outlined in O-RAN Security Protocols Specifications
• Hands-on experience with security protocols such as IEEE 802.1X, MACSec, PKI, SSH, and cryptographic techniques.
• Experience with ORAN and 3GPP interfaces; such as, O1, 7-2x Fronthaul, Open Fronthaul M-Plane, and Open Fronthaul CUS Plane.
• Strong knowledge in Linux or embedded system security administration, focused on safeguarding systems against evolving threats.
• Experience with automation and configuration tools such as Salt and Ansible to streamline workflows, along with proficiency in scripting languages like Shell and Python, and using source code management tools like Git.
• Research and develop new approaches and countermeasures for emerging security threats to wireless systems
• Strong analytical skills to assess security risks and vulnerabilities, and develop solutions based on the O-RAN Threat Model (O-RAN.STM-v02.00) and ISO 27005 risk management framework​.

Responsibilities:

• Analyze network designs and existing system 5G Private Wireless Radio Access Network (RAN) deployments to identify potential vulnerabilities and recommend remediation efforts
• Proactively identify opportunities to improve system security controls, enhance threat detection and reduce attack surfaces during all phases of the system development lifecycle (SDLC)             
• Assist in the architecture and design of ORAN WG11 security countermeasures to protect control plane, user plane, and management plane traffic
• Ensure JMA RAN solutions comply with ORAN Working Group 11 (WG 11) security specifications, which cover cryptographic methods, authentication, integrity protection, and authorization mechanisms specific to the O-RAN architecture​.
• Spearhead POC (Proof of Concept) activities and participate in decision making for new product analysis and selection          
• Create and document hardening profiles for third-party network products to include switches, routers, precision network time servers, VPN appliances, and IPSec tunnels
• Conduct threat modeling and risk assessments in alignment with O-RAN WG11’s Security Control Framework and 3GPP TS 33.501 and TS 33.117 risk mitigation strategies.
• Develop test cases based on the O-RAN Security Test Specifications and ensure comprehensive security testing.
• Collaborate with the RAN Systems team to validate the security architecture in O-RAN deployments through end-to-end testing​.
• Collaborate with cross-functional teams to integrate security controls​.
• Stay updated on the latest developments in O-RAN WG11 security protocols and 3GPP standards to ensure future-proof security designs​.
• Stay updated on training and certifications
• Able to multi-task and pivot based on business needs.
• Able to convey, document, and communicate technical information for a wide array of audiences
• Can work with an engaged, independent mindset.
• Leverages collaboration tools; such as, JIRA, Confluence, Bitbucket, and MS Teams, to convey milestone status, work progress, and risk mitigation documentation (i.e. test cases).

Required Skills & Experience:

• At least 5+ years of experience working on developing FW/SW for telecommunications networks (4G/5G NR) and specifically in Radio Access Networks (RAN).
• Familiarity with O-RAN and C-RAN architecture, including the disaggregated components of RAN such as Radio Unit (RU), Distributed Unit (DU), and Centralized Unit (CU)​.
• Experience working with security protocols, particularly in telecom environments, focusing on protocols like IEEE 802.1X, MACSec, and PKI-based authentication.
• Experience implementing security measures based on 3GPP TS 33.501 standards for 5G network security.
• Hands-on experience with networking technologies, including IP, Ethernet, and 5G NR protocols. Understanding how to apply security at multiple layers of network communications.
• Proficiency in handling network function virtualization (NFV) and securing software-defined networks (SDNs)​.