JOB DESCRIPTION
Job Summary:
The O-RAN Radio Security FW/SW Developer will ensure the security and integrity of O-RAN Radio in compliance with ORAN security standards and security specifications. The role focuses on design, implement and maintain ORAN Radio OS across all the platforms, implementing and customizing OS to meet security standards, performing risk analysis, and contributing to the FW development of secure O-RAN radio products, by developing security features across all products code base.
Skills and Competencies:
• Technical Expertise:
o Strong experience with Linux kernel software, Embedded Linux, RTOS, U-Boot/kernel development and customization, Linux Device Tree, File system operations
o Experience with Embedded System Security Principles and Techniques, security by design and OS hardening
o Hands-on experience with security protocols such as IEEE 802.1X, MACSec, PKI, and cryptographic techniques.
• O-RAN and 3GPP Security Standards:
o Familiarity with O-RAN WG11 security specifications; particularly, O-RAN Security Requirements and Controls Specification, which addresses cryptography, key management, and secure access.
• Analytical & Problem-Solving Skills:
o Strong analytical skills to assess security risks and vulnerabilities, and develop solutions based on the O-RAN Security Threat Modeling and Risk Assessment and ISO 27005 risk management framework.
Responsibilities
1. Radio FW Security Design & Implementation:
• Design, build, configure and maintain O-RAN Radio OS across all radio platforms, ensuring security requirements and hardening guidelines are met
• Architect and implement cybersecurity features into new ORAN Radio platform, ensure security features are integrated across all existing product code bases
• Design and implement security protocols for O-RAN fronthaul interfaces in line with O-RAN WG11 security requirements.
2. Compliance with O-RAN and 3GPP Standards:
• Ensure compliance with O-RAN Security Requirements and Controls Specification security standards, which cover cryptographic methods, authentication, integrity protection, and authorization mechanisms specific to the O-RAN architecture.
• Implement security measures into radio FW/SW as specified in 3GPP TS 33.501 for 5G system architecture security.
3. Threat Analysis & Mitigation:
• Verify if output implementation is aligned with the products’ security architecture, requirements, and threat model.
• Review product security designs, documenting missing security implementation, and drive analysis for security improvements.
• Document and present product security risks in both technical- and business-oriented language
4. Testing & Validation:
• Executing end-to-end security posture assessments via source code auditing, functional testing and other applicable methodologies
• Collaborate with the RAN Systems team to validate the security architecture in O-RAN deployments through end-to-end testing.
5. Collaboration & Continuous Improvement:
• Collaborate with cross-functional teams to integrate security controls.
• Stay updated on the latest developments in O-RAN WG11 security protocols and 3GPP standards to ensure future-proof security designs.
Qualifications
1. Design & Development Experience:
1. At least 6+ years of experience in FW/SW architecture, design and implementations with a specific emphasis for wireless applications and radio products
2. Solid experience in object-oriented design and development using C++, as well as full proficiency in embedded software development in C in the context of system software (bootloaders, drivers, kernel, system services, etc.)
3. Experience with Linux kernel software, Embedded Linux, RTOS, U-Boot/kernel development and customization, Linux Device Tree, File system opera
Compliance with O-RAN and 3GPP Standards:
• Ensure compliance with O-RAN Security Requirements and Controls Specification security standards, which cover cryptographic methods, authentication, integrity protection, and authorization mechanisms specific to the O-RAN architecture.
• Implement security measures into radio FW/SW as specified in 3GPP TS 33.501 for 5G system architecture security.
3. Threat Analysis & Mitigation:
• Verify if output implementation is aligned with the products’ security architecture, requirements, and threat model.
• Review product security designs, documenting missing security implementation, and drive analysis for security improvements.
• Document and present product security risks in both technical- and business-oriented language
4. Testing & Validation:
• Executing end-to-end security posture assessments via source code auditing, functional testing and other applicable methodologies
• Collaborate with the RAN Systems team to validate the security architecture in O-RAN deployments through end-to-end testing.
5. Collaboration & Continuous Improvement:
• Collaborate with cross-functional teams to integrate security controls.
• Stay updated on the latest developments in O-RAN WG11 security protocols and 3GPP standards to ensure future-proof security designs.
Qualifications
1. Design & Development Experience:
1. At least 6+ years of experience in FW/SW architecture, design and implementations with a specific emphasis for wireless applications and radio products
2. Solid experience in object-oriented design and development using C++, as well as full proficiency in embedded software development in C in the context of system software (bootloaders, drivers, kernel, system services, etc.)
3. Experience with Linux kernel software, Embedded Linux, RTOS, U-Boot/kernel development and customization, Linux Device Tree, File system opera
Compliance with O-RAN and 3GPP Standards:
• Ensure compliance with O-RAN Security Requirements and Controls Specification security standards, which cover cryptographic methods, authentication, integrity protection, and authorization mechanisms specific to the O-RAN architecture.
• Implement security measures into radio FW/SW as specified in 3GPP TS 33.501 for 5G system architecture security.
3. Threat Analysis & Mitigation:
• Verify if output implementation is aligned with the products’ security architecture, requirements, and threat model.
• Review product security designs, documenting missing security implementation, and drive analysis for security improvements.
• Document and present product security risks in both technical- and business-oriented language
4. Testing & Validation:
• Executing end-to-end security posture assessments via source code auditing, functional testing and other applicable methodologies
• Collaborate with the RAN Systems team to validate the security architecture in O-RAN deployments through end-to-end testing.
5. Collaboration & Continuous Improvement:
• Collaborate with cross-functional teams to integrate security controls.
• Stay updated on the latest developments in O-RAN WG11 security protocols and 3GPP standards to ensure future-proof security designs.
Qualifications
1. Design & Development Experience:
1. At least 6+ years of experience in FW/SW architecture, design and implementations with a specific emphasis for wireless applications and radio products
2. Solid experience in object-oriented design and development using C++, as well as full proficiency in embedded software development in C in the context of system software (bootloaders, drivers, kernel, system services, etc.)
3. Experience with Linux kernel software, Embedded Linux, RTOS, U-Boot/kernel development and customization, Linux Device Tree, File system opera
Any Graduate