Senior Information Security Expert – Telecom

About the role

We are looking for a senior information security professional to lead and strengthen the security posture of a telecom operator. The role combines hands‑on technical expertise with strategic leadership to design, implement and manage advanced security solutions across a fast‑paced telecom environment.

Key responsibilities

• Define, enforce and maintain information security policies, standards and frameworks such as ISO 27001, NIST, CIS and ITU‑T.
• Conduct risk assessments, gap analyses and threat‑modeling for telecom infrastructure.
• Lead incident detection, response and recovery for network and service platforms.
• Manage SOC/NOC integration, SIEM, IDS/IPS, firewalls, endpoint protection, and conduct penetration testing, red‑team exercises and vulnerability assessments.
• Secure telecom‑specific technologies (SS7, Diameter, SIP, IMS, VoLTE, 5G/4G, MPLS, IoT/M2M) and protect subscriber privacy.
• Harden BSS/OSS, mediation, billing and customer platforms; secure hybrid cloud environments (OpenStack, VMware, Kubernetes, AWS, Azure).
• Implement encryption, tokenization, DLP and security‑by‑design for APIs, mobile apps and enterprise applications.
• Mentor junior engineers, promote security awareness and collaborate with IT, network, legal, compliance, regulators and auditors.

Required profile

• 7‑10 years of experience in information security, preferably within telecom.
• Strong analytical, communication and leadership abilities.
• Relevant degrees (BSc/MSc) in Computer Science, Information Security, Telecommunications or related fields.
• Fluent in English; Kurdish or Arabic a plus.

Required skills

• Python, Bash, PowerShell scripting.
• SIEM, IDS/IPS, firewalls, EDR, DLP, WAF, IAM solutions.
• PKI, TLS, IPsec, VPN, zero‑trust architectures.
• Telecom protocols: SS7, SIP, Diameter, GTP, SCTP.
• Cloud platforms: OpenStack, VMware, Kubernetes, AWS, Azure.
• Encryption, tokenization, API security, mobile app security.
• Penetration testing, red‑team operations, vulnerability assessment.
• Risk assessment, threat modelling, fraud management.