Capgemini Engineering_Cyber Security Architect (H/F)

Job Description

With over 6,000 cyber security consultants within the Capgemini Group, including more than 1,000 consultants in France, and leveraging over 30 years of proven expertise in cybersecurity (IT, Embedded, Industrial, and Telecom), Capgemini positions itself as an active player in the cyber security market.

The Cybersecurity practice within Capgemini Engineering aims to strengthen its workforce and cybersecurity offerings for the Telecommunications sector and is looking to recruit one or more Cyber Security Architects.

As a Cyber Security Architect, you will take part in complex large-scale projects focused on the design, planning, and building of Telecom Infrastructures and Networks, enabling a wide range of use-cases such as Mission Critical Communications (post Tetra), Public Safety, Non-Terrestrial Networks (NTN) and Industrial IoT.

Key Responsibilities :

• Design of end-to-end security architecture for Cloud and Telecom Infrastructures environments, covering the following domains: SIM/eSIM, Devices, RAN, Transport (MPLS/IP), EPC and 5G Core, IMS, MCx, OSS, and BSS.
• Develop security frameworks aligned with international standards (e.g., 3GPP, GSMA, ETSI, NIST, ISO 27001, etc.), best practices (e.g., defense in depth, zero trust, adaptive security) and organizational security policies.
• Conduct risk assessments and threat modeling for Telecom environments.
• Provide technical expert guidance to mitigate cyber security risks, vulnerabilities, weaknesses and incidents affecting the telecom environment.
• Assess and recommend security technologies (e.g., Firewalls, IDS/IPS, Encryption, PKI, HSM, PAM, EDR, SIEM, SOAR, etc.) and validate vendor solutions against security requirements.
• Create and maintain high-quality security architecture documentations (e.g., HLD, LLD), architecture diagrams, guidelines, procedures and training materials.
• Lead and/or collaborate with solution architects and integration teams to ensure secure deployments.

Technical Skills :

• 4G and 5G Security Compliance : GSMA, ENISA: TS33501, TS33.x, ETSI, NIST, etc.
• Security of RAN infrastructures : DNS/DHCP/IPAM, AAA, DIAMETER, RIC Security
• Security of radio communication protocols: 4G/LTE/5G, GSM/2G/3G, GTP, SCTP, etc.
• Security of transport networks (MPLS, IP, BGP, etc.), of cloud and virtualization platforms.
• Security of EPC/5GC core networks and interfaces : AMF, SMF, SMSF, UDR, 5G-EIR-BE, AUSF, 5G-EIR-FE, UDM, NRF, NEF, etc.
• Security of MCx and IMS services.
• Security of network management systems, OSS, and BSS.
• Secure architecture patterns and models : Zero-Trust, Layered Security Architecture, Defense in Depth, and Adaptive Security.
• Minimum Baseline Security Standard (MBSS) for hardening the configuration of telecom network elements.
• Security solutions and their vertical and horizontal integration strategies across the telecom environment, such as public key infrastructures (PKI), certificates life-cycle management (CLM), hardware security modules (HSM), cryptographic keys ceremonies, identity (IdM) and privileged access management (PAM), end-point detection and response (EDR), Security information and event management (SIEM), etc.

Profile and Experience :

• Master’s degree in computer science, information security, or telecommunications.
• Minimum 10 years of experience in cyber security, including minimum of 5 years in Telecom environments.
• Certifications: TOGAF, ISSAP, CISSP, CCSP or equivalent.
• Highly organized with the ability to manage multiple priorities effectively.
• Structured approach to problem-solving and decision-making.
• Excellent verbal and written communication skills in English (French is an asset).
• Strong presentation skills for technical and executive-level audiences.
• Ability to adapt to different cultural and business environments, with frequent travel worldwide to customers’ locations.

Our commitments and priorities :