Application security architect Bangalore, Rakuten Symphony India Private Limited - RMI - Network Engineering & Operations - RMI Security Engineering and Operations division

Job Description

About Rakuten Symphony: Rakuten Symphony is a Rakuten Group company, providing global B2B services for the mobile telco industry and enabling nextgeneration, cloud-based, international mobile services. Building on the technology Rakuten used to launch Japanʼs newest mobile network, we are taking our mobile offering global. To support our ambitions to provide an innovative and secure cloud-native telco platform for our customers, Rakuten Symphony is looking for individuals to join our Information Security Engineering & Operations team as a Senior Security Architect and contribute to development of e2e security architecture based on industry best practices and guidelines. Letʼs build the future of mobile telecommunications together!

For more information visit: https://symphony.rakuten.com/

Responsibilities

Conduct thorough reviews of high-level architecture designs, actively participate in ARB meetings, ensuring compliance with security requirements adhering to RM Security Policies.

• Develop high-level security architecture designs for Freedom RCP migration projects for Security functions such as IPS, Firewalls, SOC and Assurance tools.
• Conduct threat modelling analysis to identify and prioritize potential security threats and recommend controls, required for Security reviews/Designs.
• Expert security consultation and guidance to BUs across Rakuten Mobile in security of O-RAN, Core, BSS, Cloud Infra, OSS Domains.
• Maintain and evolve various RM Security Architecture reference framework and work closely with SEOD department for architectural enhancements.
• Evaluate and manage security exception requests, providing guidance on risk mitigation strategies. Participate in O-RAN/3GPP Security Standards meetings and bring WG11 Security contributions and IP patents on behalf of Rakuten Mobile for O-RAN Subsidy projects.
• Drive new Security initiatives based on identified security gaps and conduct Proof of concepts in India/Japan Labs.
• Ensure compliance with relevant security standards and frameworks, including NIST, ISO, OWASP etc.
  
  

Experience And Skills

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field
• 10+ years of experience performing security assessment and risk assessment on cloud native architectures using standard threat modelling techniques such as STRIDE, identifying vulnerabilities and formulating security controls to mitigate risks
• Experience in designing and implementation of Secure SDLC practices – applying secure coding practices, use of DevSecOps tools and other industry best practises
• Experience with securing Kubernetes based cloud native platforms- securing containers in Kubernetes, hardening techniques, implement microsegmentation, enforcing least privilege based access, secure storage for data, secure logging, access control etc.
• Experience in using industry-standard cryptographic protocols such as TLS, IPSec and SSH, deep knowledge of securing APIs using Authorization protocols such as OAuth 2.0
• Knowledge of security frameworks and compliance standards, such as NIST, CIS and GDPR.
• Good understanding of O-RAN Alliance and 3GPP security standards
• Good understanding of public cloud security technologies, such as AWS security groups, Azure security center, and Google Cloud Platform security controls.