Mobile Network Security Engineer

Job Description

Industry: Telecommunications
Seniority for this role: Mid-Senior level
Orange International Networks Infrastructures & Services (OINIS) is a team of over 1,500 professionals excelling in networks, infrastructure, and security. The mission of the OINIS department is to design, plan, deploy and operate international and long-distance (backbone) networks. Within the Mobile Services Department, you will work on current topics (5G, mobile network, signaling, security, virtualization, containerization…) in an international environment with teams based in France, Egypt, Morocco, Tunisia, and Slovakia. You will actively contribute to the design of security solutions and the development of security recommendations for operational deployments for our Wholesale and B2B customers. Working as part of a team of expert engineers and in close collaboration with the OINIS, Orange Innovation teams, you will: Lead work on mobile network security , developing expertise in “security by design”, risk analysis, security audit, authentication methods , signaling plan security, terminal security and end-to-end security, as well as the hardening of system and application configurations. Participate in all stages of the network infrastructure security lifecycle . Lead discussions with our suppliers to ensure support for security functions and required patches. Identify the defense-in-depth mechanisms implemented in network equipment to combat attacks and threats. Study the authentication mechanisms and methods needed to control access of terminals to Orange mobile networks in order to limit fraud. You will propose an action plan and countermeasure solutions for risk mitigation for deployment. Work closely with the OINIS Security Department to submit and obtain validation from regulatory bodies (e.g. ANSSI, ….) for our solutions. Work with Orange Wholesale’s Project Managers, Engineering and Operations teams as well as our customers’ engineering teams. In this context: You will master 4G/5G mobile network architectures and understand their implementation in container mode on a Telco Cloud infrastructure. You will contribute to the design of technical solutions meeting the needs of customer projects (HLD: High Level Design, LLD: Low Level Design) while maintaining the platform’s operability in a CI-CD environment. You will be responsible for documenting each topic and ensuring knowledge transfer to the operations and support teams. You will contribute to defining the roadmap for the 4G/5G core network solution to meet customer requirements, in liaison with the NSF (Network Software Factory) team. You will contribute to the deployment of the solution , its horizontal and vertical integration in a Lab, pre-production and production environment. You will be required to collaborate on support for the various platforms, defining test scenarios, carrying out tests, analyzing the traces collected (.pcap) in an E2E environment (5G / VoLTE / IoT chain, …). Manage supplier accounts access to our Platforms via Metagate, PEPS, OTP and customer accounts via SIU, 54Y, Web agents. Prepare documentation for setting up SSO (SAML) and creating certificates or renewals. You have the following skills to meet the needs of the position: Technical Proficiency : Degree in Software or Telecom Engineering or equivalent and 5-8 years of experience in telecommunications, particularly in mobile core networks security. Technical expertise in security (firewalls, security gateways, intrusion prevention, encryption) Knowledge of the mobile networks domain (protocols, architectures, interworking). Knowledge of authentication mechanisms and protocols (EAP-SIM, IMS-AKA, EPS-AKA, 5G-AKA, TUAK, etc.) Knowledge of security and encryption mechanisms and protocols (IPSec, TLS, DTLS, etc.) Experience with deployments in container environments (e.g., Kubernetes) within Telco cloud environments. Additional Expertise (Not Mandatory, but Highly Valued) : Knowledge of the following mobile network core elements: AMF/MME, SMF/SPGW-C, UPF/SPGW-U, AUSF-UDM, HSS-AUC, PCF/PCRF, CHF, DRA/DEA, N3IWF-ePDG, NRF, SCP, NSSF, EIR, CHF, SCEF/NEF. Knowledge of 4G/5G signaling protocols and 4G/5G RAN radio networks. Knowledge of CI-CD tools (GitLab etc.). Familiarity with Linux, virtualization, and programming languages (e.g., Java, Python). Expertise in E2E network & services integration/validation Practical knowledge of IPv4 and IPv6 architectures, including IP routing (IGP, BGP, etc.), IP QoS, MPLS, L2/L3 VPN, IPSEC, etc. General Skills : Language Proficiency: Advanced proficiency in English is essential. Proactive Doer: We’re seeking an individual with a proactive approach, excellent self-management skills, and a preference for an autonomous working style. Technical Creativity: Showcase technical creativity in problem-solving and solution design. Fast Learner with a Thirst for Knowledge: If you’re someone who learns quickly, has a fast-learning mentality, and a thirst for knowledge, you’ll fit right in. Team Player: An open-minded team player who thrives in an international environment, working seamlessly across different cultures, will find a perfect match with our values. Flexibility and capability to work in an Agile environment (SCRUM) comes naturally to you. Additional information Base salary from 2,200 € brutto per month, actual salary is likely to be higher based on skills, knowledge and experience. Only your skills matter Regardless of your age, gender, origin, religion, sexual orientation, neuroatypia, disability or appearance, we encourage diversity within our teams because it is a strength for the collective and a vector of innovation. Orange Group is a disabled-friendly company: don’t hesitate to tell us about your specific needs. Show more Show less