Be an early applicantLess than 25 applicants

Company

JMA Wireless · 3 hours ago

Network Security Engineer

United States

Full-time

Remote

Senior Level

$120K/yr - $145K/yr

5+ years exp

Maximize your interview chances

Communications InfrastructureWireless

Hiring Manager

Thomas Miller

Insider Connection @JMA Wireless

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Analyze network designs and existing system 5G Private Wireless Radio Access Network (RAN) deployments to identify potential vulnerabilities and recommend remediation efforts

Proactively identify opportunities to improve system security controls, enhance threat detection and reduce attack surfaces during all phases of the system development lifecycle (SDLC)

Assist in the architecture and design of ORAN WG11 security countermeasures to protect control plane, user plane, and management plane traffic

Ensure JMA RAN solutions comply with ORAN Working Group 11 (WG 11) security specifications, which cover cryptographic methods, authentication, integrity protection, and authorization mechanisms specific to the O-RAN architecture.

Spearhead POC (Proof of Concept) activities and participate in decision making for new product analysis and selection

Create and document hardening profiles for third-party network products to include switches, routers, precision network time servers, VPN appliances, and IPSec tunnels

Conduct threat modeling and risk assessments in alignment with O-RAN WG11's Security Control Framework and 3GPP TS 33.501 and TS 33.117 risk mitigation strategies.

Develop test cases based on the O-RAN Security Test Specifications and ensure comprehensive security testing.

Collaborate with the RAN Systems team to validate the security architecture in O-RAN deployments through end-to-end testing.

Collaborate with cross-functional teams to integrate security controls.

Stay updated on the latest developments in O-RAN WG11 security protocols and 3GPP standards to ensure future-proof security designs.

Stay updated on training and certifications

Able to multi-task and pivot based on business needs.

Able to convey, document, and communicate technical information for a wide array of audiences

Can work with an engaged, independent mindset.

Leverages collaboration tools; such as, JIRA, Confluence, Bitbucket, and MS Teams, to convey milestone status, work progress, and risk mitigation documentation (i.e. test cases).

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

5G NRO-RAN security protocols3GPP TS 33.501Network security appliancesDDoS attack mitigationLinux security administrationAutomation toolsPythonShell scriptingGitIEEE 802.1XMACSecPKIIP networkingEthernetNetwork function virtualizationSoftware-defined networksC-RAN architectureO-RAN architectureSecurity risk assessmentThreat modelingCollaboration tools

Required

At least 5+ years of experience working on developing FW/SW for telecommunications networks (4G/5G NR) and specifically in Radio Access Networks (RAN).

Familiarity with O-RAN and C-RAN architecture, including the disaggregated components of RAN such as Radio Unit (RU), Distributed Unit (DU), and Centralized Unit (CU).

Experience working with security protocols, particularly in telecom environments, focusing on protocols like IEEE 802.1X, MACSec, and PKI-based authentication.

Experience implementing security measures based on 3GPP TS 33.501 standards for 5G network security.

Hands-on experience with networking technologies, including IP, Ethernet, and 5G NR protocols. Understanding how to apply security at multiple layers of network communications.

Proficiency in handling network function virtualization (NFV) and securing software-defined networks (SDNs).

In-depth knowledge of common security challenges such as DDoS attacks and insider threats, along with familiarity with network security appliances and technologies for effective monitoring and management.

Strong knowledge of 5G NR, LTE, IP, Ethernet, and relevant RAN architectures, with a focus on C-RAN/O-RAN protocols outlined in O-RAN Security Protocols Specifications.

Hands-on experience with security protocols such as IEEE 802.1X, MACSec, PKI, SSH, and cryptographic techniques.

Experience with ORAN and 3GPP interfaces; such as, O1, 7-2x Fronthaul, Open Fronthaul M-Plane, and Open Fronthaul CUS Plane.

Strong knowledge in Linux or embedded system security administration, focused on safeguarding systems against evolving threats.

Experience with automation and configuration tools such as Salt and Ansible to streamline workflows, along with proficiency in scripting languages like Shell and Python, and using source code management tools like Git.

Strong analytical skills to assess security risks and vulnerabilities, and develop solutions based on the O-RAN Threat Model (O-RAN.STM-v02.00) and ISO 27005 risk management framework.