• Location: England, London
  • Date Posted: 16th Apr, 2020
  • Reference: 16042020pr_1587025704
Job Title - Senior Security Architect

Start Date - ASAP

Location - Remote


Job Summary

·Design the security architecture, controls and specifics across all core network components leveraging in-depth knowledge of 3GPP EPC/5G and ETSI security specifications.

·Write technical high level design and low level design documents covering all Security requirements in the solution, including but not limited to cloud native applications, Virtualisation, Kubernetes etc.

·Design the best practice-based isolation as per the customer requirement. Design the CCD security requirements, deployed as VM based on neutron networking. Define usage of CNI pluggable to ensure networking, security and isolation.

·Configuration of registry, RBAC using DEX and defining best practices based deployment of the same network.



·3GPP defined security controls across Storage, Onboarding , Instantiation, Authentication & Service based interfaces interconnecting with 3rd party PKI

·Logging and monitoring of all security events



·Design of security mechanisms within the orchestration environment covering user authorization and authentication; securing each tenant's' data from other tenant's data; and securing and encrypting communication between Cloud Manager components and external systems. Covering the following areas:

- User Provisioning

- Tenant Provisioning

- Authentication of Cloud Manager

- Authorization of user requests

- Validation of authentication tokens

- Integration with external IDAM systems

-Verification of digital signatures for package and image

·Support during testing of the security within the solution, and liason with PDU to identify ways forward.

Skills:

Strong experience of designing security architecture in a Telecoms Cloud environment, specifically also including the following generic skills:

* OSS systems, FCAPS and specifically "Security" configurations.
* PKI systems and understanding of various protocols and standards like SCEP, CMPV2, ACME etc.
* security controls specific to NFVi
* in-depth knowledge of 3GPP EPC/5G and ETSI security specifications

Please send your CV to p.robinson@jeffersonfrank.com