Network Security Engineer

JMA is restoring U.S. leadership in wireless technology at a critical time in the transition to 5G. It makes the world’s most advanced software-based 5G platform, designed, coded, and manufactured in Syracuse, NY at the only U.S.-owned 5G factory in the country. Across its global tech centers, JMA makes 5G possible for organizations with the most critical connectivity demands in the world. JMA’s technology is ushering in a new era of connectivity for leading mobile carriers, the most iconic stadiums, major universities, leading healthcare centers, the busiest transit centers, and the U.S. Military. 5G is more than another G on your phone — it is a generational opportunity to change the way the world operates. Join the industry’s fastest growing technology company to shape that future today. 
JMA Wireless is in search of a Network Security Engineer to join our team. This role will ensure the security and integrity of JMA XRAN systems by implementing ORAN security protocols, security specifications, and 3GPP TS 33.501 standards for 5G. The role focuses on technical implementation of security controls and contributing to the security development of O-RAN radio products, while also aligning with broader 5G security frameworks. The position can be located in Syracuse, NY or based Remotely.

Skills & Competencies:

• In-depth knowledge of common security challenges such as DDoS attacks and insider threats, along with familiarity with network security appliances and technologies for effective monitoring and management.
• Research and develop new approaches and countermeasures for emerging security threats to wireless systems
• Strong knowledge of 5G NR, LTE, IP, Ethernet, and relevant RAN architectures, with a focus on C-RAN/O-RAN protocols​ outlined in O-RAN Security Protocols Specifications
• Hands-on experience with security protocols such as IEEE 802.1X, MACSec, PKI, SSH, and cryptographic techniques.
• Experience with ORAN and 3GPP interfaces; such as, O1, 7-2x Fronthaul, Open Fronthaul M-Plane, and Open Fronthaul CUS Plane.
• Strong knowledge in Linux or embedded system security administration, focused on safeguarding systems against evolving threats.
• Experience with automation and configuration tools such as Salt and Ansible to streamline workflows, along with proficiency in scripting languages like Shell and Python, and using source code management tools like Git.
• Research and develop new approaches and countermeasures for emerging security threats to wireless systems
• Strong analytical skills to assess security risks and vulnerabilities, and develop solutions based on the O-RAN Threat Model (O-RAN.STM-v02.00) and ISO 27005 risk management framework​.

Responsibilities:

• Analyze network designs and existing system 5G Private Wireless Radio Access Network (RAN) deployments to identify potential vulnerabilities and recommend remediation efforts
• Proactively identify opportunities to improve system security controls, enhance threat detection and reduce attack surfaces during all phases of the system development lifecycle (SDLC)             
• Assist in the architecture and design of ORAN WG11 security countermeasures to protect control plane, user plane, and management plane traffic
• Ensure JMA RAN solutions comply with ORAN Working Group 11 (WG 11) security specifications, which cover cryptographic methods, authentication, integrity protection, and authorization mechanisms specific to the O-RAN architecture​.
• Spearhead POC (Proof of Concept) activities and participate in decision making for new product analysis and selection          
• Create and document hardening profiles for third-party network products to include switches, routers, precision network time servers, VPN appliances, and IPSec tunnels
• Conduct threat modeling and risk assessments in alignment with O-RAN WG11's Security Control Framework and 3GPP TS 33.501 and TS 33.117 risk mitigation strategies.
• Develop test cases based on the O-RAN Security Test Specifications and ensure comprehensive security testing.
• Collaborate with the RAN Systems team to validate the security architecture in O-RAN deployments through end-to-end testing​.
• Collaborate with cross-functional teams to integrate security controls​.
• Stay updated on the latest developments in O-RAN WG11 security protocols and 3GPP standards to ensure future-proof security designs​.
• Stay updated on training and certifications
• Able to multi-task and pivot based on business needs.
• Able to convey, document, and communicate technical information for a wide array of audiences
• Can work with an engaged, independent mindset.
• Leverages collaboration tools; such as, JIRA, Confluence, Bitbucket, and MS Teams, to convey milestone status, work progress, and risk mitigation documentation (i.e. test cases).

Required Skills & Experience:

• At least 5+ years of experience working on developing FW/SW for telecommunications networks (4G/5G NR) and specifically in Radio Access Networks (RAN).
• Familiarity with O-RAN and C-RAN architecture, including the disaggregated components of RAN such as Radio Unit (RU), Distributed Unit (DU), and Centralized Unit (CU)​.
• Experience working with security protocols, particularly in telecom environments, focusing on protocols like IEEE 802.1X, MACSec, and PKI-based authentication.
• Experience implementing security measures based on 3GPP TS 33.501 standards for 5G network security.
• Hands-on experience with networking technologies, including IP, Ethernet, and 5G NR protocols. Understanding how to apply security at multiple layers of network communications.
• Proficiency in handling network function virtualization (NFV) and securing software-defined networks (SDNs)​.

#LI-TM1
At JMA, our people are deeply committed to their work and we provide benefits to match. When you join JMA you have immediate access to everything you need. Whether you're looking for employee discounts, financial, legal and/or childcare resources and support, we have you covered. We believe in providing comprehensive health and wellness coverage along with monetary rewards towards health goals, in addition to numerous company-provided personal protection benefits at no additional cost to you. At JMA, we don’t just accept differences — we embrace them. JMA is proud to be an equal opportunity workplace. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristic.