Telecom Security Risk Consultant

As a Telecom Security Risk Consultant, you will lead end‑to‑end security risk assessments, threat modeling and security consulting across mobile network and cloud-native telecom environments. Working directly with operators, vendors, and critical infrastructure stakeholders, you will define scope and methodology, assess architectures and protocols, validate evidence, and translate technical findings into clear, prioritized risks and practical remediation roadmaps. You’ll also contribute to repeatable delivery through strong documentation, client workshops, and continuous improvement of our internal playbooks and tooling.

Tasks

Responsibilities

Lead and deliver deep‑dive telecom security risk assessments and security consulting for operators, vendors, and critical infrastructure programs (Security Architecture Reviews, RAN & OSS Risk Assessment, MOCN Risk Assessment, IMS Cloud Risk Assessment, 5G Core Risk Assessment).

Define assessment scope, threat model, and risk methodology; translate technical findings into clear, actionable risk statements and remediation roadmaps.

Perform architecture and design reviews across 2G/3G/4G/5G, IMS, EPC/5GC, RAN/Open

RAN, OSS/BSS, interconnect, roaming, cloud-native telecom platforms (Kubernetes/Open

Stack), wireline and other OT and IT infrastructure.

Assess security controls and compliance alignment (e.g., GSMA, 3GPP, NIST/ISO principles) including identity, key management, crypto choices, secure boot, supply chain, and operational security.

Analyze protocol and interface exposure (SS7, Diameter, GTP, SIP/IMS, SIGTRAN, HTTP APIs) and identify abuse cases, misconfigurations, and systemic weaknesses.

Evaluate cloud and platform security for telecom workloads (multi-tenancy, network segmentation, service mesh, IAM, secrets management, CI/CD, container hardening).

Conduct evidence-based testing and validation when required (configuration review, log review, traffic analysis, fuzzing/abuse-case testing) and c...