Principal Engineer, System Security

ANDREW, an Amphenol company

Hudson, NH 03051, USA

Published: 6/14/2022

Real Estate

Full Time

Job Description

Join our team and help shape the future of connectivity indoors and outdoors. Together, let's push the boundaries of technology and advance sustainable networks worldwide.

How You'll Help Us Connect the World:

We are seeking a skilled and experienced Platform and Network Security Expert to lead and enhance security measures across the infrastructure of our DAS and RAN products, while also operationalizing and upholding security measures and policies defined by Andrew's security team.

This role focuses on securing 4G/5G components and their management systems, ensuring compliance with telecom security standards, as well as the security requirements from operators and customers. It also involves detecting vulnerabilities and working closely with operators, vendors, and internal SW and HW development teams. As a Principal System Security Engineer, you will be responsible for the security aspects of the RAN and DAS products as part of the ICN business unit of Andrew. This role is hybrid based in Nashua, NH or Richardson, TX.

You Will Make an Impact By:

Designing and defining security policies and requirements for RAN and DAS systems
Architect secure environments across Linux/Windows systems, Kubernetes, and container platforms. Implement least privilege access, strong authentication, and patch management.
Performing risk assessments, threat modeling, and vulnerability analysis on RAN elements and AWS cloud hosting.
Preparing responses to customer security requirements and questionnaires.
Collaborating with engineering teams to ensure security is embedded in network design and deployment.
Monitoring for and responding to security incidents involving RAN equipment and interfaces.
Validating the security of vendor software/hardware and ensuring adherence to 3GPP, NIST, and GSMA standards.
Defining and enforcing security configurations (e.g., secure boot, firmware validation, secure signaling).
Engaging in penetration and other security testing, evaluating and prioritizing security vulnerabilities.
Engaging with security test houses and evaluating their test plans and test reports.
Working with internal and external stakeholders on compliance audits and regulatory requirements (e.g., O-RAN, RED, NESAS, NCSC, GDPR).
Developing tools/scripts to automate RAN security monitoring, cloud infrastructures, vulnerability management, system audits, security baselining and reporting.
Staying up-to-date with emerging threats and mitigation strategies specific to telecom infrastructure.
Implementing and maintaining security policies and configurations for AWS cloud infrastructure in alignment with Andrew's security team directives and governance frameworks
Applying and operationalizing the policies, standards, and controls designed by the central security team and ensuring alignment across product security implementations.

Required Qualifications for Consideration:

Bachelor's or Master's degree in Telecommunications, Computer Science, Cybersecurity/Information security or related field.
10+ years of experience in the Telecommunications and Cellular industry with at least 5 years of experience in telecom network security, especially in RAN and DAS products Security.
Expertise in mobile network security principles, PKI, TLS, IPSec, and Zero touch provisioning.
Experience with base station software (e.g., O-RAN, vRAN) and vendor-specific RAN solutions.
Knowledge of O-RAN architecture and Open RAN Security groups.
Knowledge of cloud infrastructure and cloud security.
Familiarity with security frameworks like 3GPP SA3, GSMA FS.33/FS.37, and NESAS/SCAS, NIST, CIS Benchmarks, etc.
Proficiency in security testing tools (e.g., Nessus, OpenVAS, Burp Suite, or telecom-specific security scanners).
Knowledge of Linux security, secure coding practices, and scripting (Python, Bash).
Strong communication and cross-functional collaboration skills, especially in interfacing with centralized security teams and development stakeholders.

You Will Excite Us If You:

Have certifications such as CISSP, CEH, GICSP, or vendor-specific security certifications.
Have experience with AI/ML-based threat detection in telecom networks.
Have knowledge of 3GPP standards, especially for 4G/5G RAN architecture and interfaces (e.g., X2, S1, NG, F1).
Have hands-on experience with telco cloud environments (e.g., Kubernetes, OpenStack, CNFs).

Why ANDREW?

Explore exciting career opportunities at ANDREW, part of the Amphenol family. With a legacy of over 85 years in wireless innovation, we empower mobile operators and enterprises with cutting-edge solutions. ANDREW, an Amphenol company, is proud of our reputation as an excellent employer. Our focus is to provide the highest level of support and responsiveness to both our employees and our customers, the world's largest technology companies. ANDREW offers the opportunity for career growth within a global organization. We believe that our company is unique in that every employee, regardless of his or her position, has the ability to positively impact the business.

ANDREW is an "Equal Opportunity Employer" - Minority/Female/Disabled/Veteran/Sexual Orientation/Gender Identity/National Origin.

For additional company information, please visit our website athttps://www.andrew.com.

#LI-Hybrid

#LI-JT1