Principal Engineer, Cyber Security

About The Position

Requirements

• Extensive experience in cybersecurity within telecommunications, particularly with 3GPP standards and telecom infrastructure.
• Strong knowledge of security design and implementation for packet core networks and critical telecom services.
• Experience with advanced threat management and incident response in telecom environments.
• Proficiency in cloud-native security technologies and architectures, particularly in 5G and IMS environments.
• Familiarity with modern authentication technologies and security tools such as firewalls and load balancers.

Nice To Haves

• Experience with micro-segmentation tools and SASE products.
• Knowledge of secure SDLC practices and mentoring experience in cybersecurity.
• Familiarity with automation tools and scripting, particularly in Python.

Responsibilities

• Ensures the security of 3GPP-compliant systems, including LTE, 5G, and IMS core networks.
• Develops and implements cybersecurity solutions for packet core infrastructure, including EPC, UPF, and related network elements.
• Leads security design and implementation for critical services like e911, VoLTE, RCS messaging, and SMS/MMS platforms.
• Secures signaling protocols (e.g., Diameter, SIP, HTTP/2) and mitigates risks such as signaling fraud, DoS attacks, and SS7 vulnerabilities.
• Develops and executes threat modeling approaches (e.g., STRIDE, ATT&CK, Cyber Kill Chain) for telecom technologies and services.
• Designs and deploys advanced EDR/XDR solutions to protect against sophisticated threats targeting telecom infrastructure.
• Secures 5G standalone and non-standalone architectures, ensuring integrity and confidentiality across gNBs, MEC, and NFs.
• Improves cloud-native security in 5G core and IMS environments leveraging Red Hat Openshift, Kubernetes, service meshes (Istio), and microservices.
• Collaborates with teams on the implementation of secure MEC (Multi-access Edge Computing) environments and 5G slicing security.
• Provides expertise on cloud-native security technologies in AWS, Azure, GCP, etc.
• Demonstrates proficiency in cloud security architecture and deployment.
• Implements software-defined network architecture and deployment in large-scale enterprise using Cisco ACI and Terraform.
• Utilizes modern authentication stack experience on Microsoft Entra ID, CyberArk, Hashicorp, Keyfactor, and certificate management.
• Handles firewalls (Checkpoint, PAN), load balancers (A10, F5, Avi), micro-segmentation tools (Illumio), and SASE products like Zscaler.
• Leads investigations and response efforts for telecom-specific security incidents, ensuring compliance with standards and regulations.
• Proactively identifies security gaps in legacy and modern telecom infrastructure, developing and implementing risk mitigation strategies.
• Acts as a cybersecurity advisor for engineering teams, ensuring secure SDLC practices for telecom and enterprise applications.
• Mentors teams on telecom cybersecurity, fostering expertise in signaling security, secure protocol design, and network hardening.
• Implements and manages solutions for zero-trust architecture, AppSec, and DevSecOps within telecom systems.
• Automates threat detection and response pipelines using Python.

Benefits

• Competitive base salary and compensation package.
• Annual stock grant and employee stock purchase plan.
• 401(k) with wealth-building opportunities.
• Access to free, year-round money coaches.