Sanjay Majumder

Working Experience:
As a Senior Technical Manager at Rakuten Symphony, I lead efforts to ensure the company’s products and services comply with rigorous security policies, guidelines, and industry best practices. My role combines leadership, technical expertise, and strategic oversight to uphold the integrity, confidentiality, and security of Rakuten Symphony’s offerings in the telecom infrastructure, cloud and cloud-native space.

Key Responsibilities:

Security Compliance & Policy Enforcement: Led initiatives to ensure Rakuten Symphony’s products and solutions align with internal and external security standards, privacy regulations, and cybersecurity frameworks. Ensuring that Rakuten’s 5G O-RAN product variants are thoroughly tested against security guidelines established by the O-RAN Alliance and 3GPP. This includes ensuring that both virtual RAN (vRAN) and Cloud Native RAN architectures are secure, resilient, and aligned with global standards for telecommunications security.

Security Strategy & Roadmap: Collaborated with senior leadership to shape security strategies, providing input on product roadmaps and embedding security into all phases of the development lifecycle.

Platform & Application Security: Expertise in securing diverse platforms (bare metal, cloud, cloud-native) and applications, leveraging best practices in code review, secure development lifecycle (SDLC), and security testing to ensure resilience against cyber threats.

Security Testing Framework: Implementing and maintaining a comprehensive security testing framework tailored to the unique needs of 5G O-RAN products. This includes identifying potential attack vectors specific to 5G networks (e.g., protocol vulnerabilities, interface attacks, etc.) and testing the resilience of the system through various scenarios, including DoS/DDoS, unauthorized access, and data breaches.

Security Test Planning & Execution: Spearheading the development of detailed security test plans for all 5G product variants, including the CU and DUcomponents. These plans cover all aspects of security, including penetration testing, vulnerability assessments, stress testing, and compliance validation against security frameworks like 3GPP TS 33.501 (security architecture) and O-RAN security specifications.

Leadership in Security Testing: Leading and mentoring a high-performing security testing team to ensure that all 5G RAN/O-RAN products meet Rakuten’s assurance and compliance security requirements. Overseeing the implementation of best-in-class security practices to safeguard Rakuten's 5G products.

Vulnerability Management: Managing the full lifecycle of vulnerability management operations across all product variants (including Host OS, Cloud, Docker, and Kubernetes). This involves identifying, assessing, prioritizing, and remediating security vulnerabilities to ensure the integrity and security of the entire product ecosystem.

Risk Identification & Mitigation: Identifying security weaknesses and potential vulnerabilities in the 5G product variants and ensuring appropriate mitigation measures are implemented. This also involves prioritizing risks based on their potential impact on the network and advising on corrective actions or necessary security enhancements.

Threat Modeling for 5G Open RAN Products: Conducted comprehensive threat modeling to assess security risks and vulnerabilities in 5G Open RAN (Radio Access Network) architecture and its components, including RAN interfaces, hardware, software, and virtualized environments.

Penetration Testing & Port scanning: Proficient in conducting comprehensive penetration testing to identify vulnerabilities in systems, applications, and networks. Strong ability to perform vulnerability assessments, prioritize risks, and provide actionable recommendations for remediation.

DoS & DDoS Protection: In-depth knowledge and hands-on experience with mitigating Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, using techniques such as rate-limiting, firewalls, and advanced intrusion prevention systems (IPS) to ensure system availability and performance under attack.

Network Security: Advanced expertise in securing networks and protocols, including the implementation of firewalls, intrusion detection/prevention systems (IDS/IPS), Virtual Private Networks (VPN),and encryption technologies to safeguard data in transit.

Security Vulnerability Scanning Expertise:Proficient in utilizing advanced security scanning tools such as Nessus, Tenable.sc, Prisma Cloud, and JFrog Xray to conduct comprehensive vulnerability assessments. Experienced in identifying, analyzing, and prioritizing security risks across various environments, ensuring timely remediation to strengthen network and application security. Skilled in leveraging these tools for continuous monitoring, threat detection, and ensuring compliance with industry standards.

Stress & Malware Testing: Proficient in performing stress testing to evaluate system robustness under extreme conditions, as well as conducting malware testing to identify potential security threats and vulnerabilities posed by malicious software.

End-to-End System Security: Collaborating with teams working on 5G O-RAN products deployed on various cloud platforms (including OpenStack, VMware, AWS) and Cloud Native environments (including Docker& Kubernetes) to ensure comprehensive end-to-end security coverage across all layers of the system architecture.

Data Privacy Protection & Information Security:Strong background in data privacy protection laws and frameworks (such as GDPR, CCPA) and experienced in implementing information securityprotocols to safeguard sensitive data, prevent unauthorized access, and ensure compliance with relevant regulations.

Cross-Team Collaboration: Coordinating with product development teams, architects, and system engineers to align the security testing process with the product lifecycle. This includes offering insights and feedback to ensure that security is integrated from the early stages of product development, through to deployment and post-deployment monitoring.

· Compliance Audits & Reporting: Leading the compliance audits for 5G products, ensuring that they meet both internal and external security requirements. I also oversee the creation of detailed security reports and documentation that provide clear visibility into the product's security posture and compliance status. These reports are crucial for both internal stakeholders and external auditors or regulatory bodies.

Continuous Improvement: Actively seeking opportunities to improve the security testing methodology and adapting to the constantly evolving security landscape in the 5G telecom industry. This includes staying updated on the latest research, industry trends, and evolving standards from bodies like the O-RAN Alliance, 3GPP, and other security forums to ensure Rakuten’s 5G O-RAN products remain secure and compliant.

Mentorship & Team Development: Mentored junior testers and provided training on best practices in cybersecurity testing. Developed and delivered workshops to improve the team’s knowledge of new 5G security protocols, threat vectors, and cybersecurity testing tools.

Working Experience:

As a Cybersecurity Compliance Manager for 5G Open RAN technologies, my role focused on ensuring that all 5G RAN (Radio Access Network) and Open RAN product offerings complied with stringent cybersecurity and regulatory standards. I led a team and collaborated across departments to ensure that security policies were embedded throughout the product lifecycle, from design and development to deployment and maintenance.

Key Responsibilities:

Cybersecurity Compliance Leadership: Spearheaded the development, implementation, and enforcement of cybersecurity compliance strategies for 5G Open RAN technologies. This involved ensuring that the Open RAN architecture and its components adhered to international security standards, industry regulations, and best practices (such as O-RAN Alliance specifications, 3GPP security standards, and ISO/IEC 27001).

Security Risk Management: Led the risk assessment and risk mitigation process for all Open RAN products, identifying potential security vulnerabilities and compliance gaps. I ensured that all identified risks were addressed in accordance with both internal company policies and regulatory requirements.

Regulatory & Industry Standards Adherence: Managed compliance with key regulatory requirements and security standards, including GDPR, NIST, OWASP, 3GPP, and O-RAN Alliance specifications. Led efforts to align Open RAN products with these frameworks, ensuring products meet industry certification standards and pass audits successfully.

Third-Party Risk Management: Managed third-party cybersecurity risk by conducting vendor assessments, ensuring that external vendors and service providers aligned with Rakuten’s security policies and compliance requirements.

Penetration Testing & Vulnerability Assessments: Designed and executed comprehensive penetration testing and vulnerability assessments to identify security weaknesses across various layers of the 5G O-RAN stack.

End-to-End Security Testing: Managed end-to-end cybersecurity testing of 5G Open RAN technologies, covering the entire network and application architecture.

Test Plan Development & Execution: Developed and maintained detailed test plans and test strategies for all cybersecurity test activities, ensuring that each test was aligned with both the product development lifecycle and security compliance requirements. Created realistic attack scenarios to validate system security under real-world conditions.

Automated Security Testing Integration: Championed the integration of automated security testing tools within the CI/CD pipeline to streamline and accelerate vulnerability identification and remediation in the development process. This included setting up continuous security testing and vulnerability scanning in development and production environments.

Network Security & DDoS Protection Testing: Conducted network security testing, including simulating DoS/DDoS attacks to ensure system resilience against high-traffic scenarios. Validated intrusion detection systems (IDS)and intrusion prevention systems (IPS) to ensure that the network remained operational during large-scale cyberattacks.

Security Risk Management & Reporting: Identified and reported on security risks and vulnerabilities, providing clear, actionable insights to product teams for remediation. Managed detailed test reports, highlighting critical vulnerabilities, risk levels, and recommended mitigation strategies.

Incident Response and Remediation: Actively participated in security incident response processes, providing expertise in diagnosing and mitigating security vulnerabilities found during testing. Coordinated with development teams to resolve security issues in a timely manner and minimize the impact of discovered vulnerabilities.

Cybersecurity Awareness & Training: Developed and delivered comprehensive security compliance training to internal teams (engineering, operations, legal, and others) to promote a security-first culture. Ensured that teams were well-versed in regulatory changes and compliance requirements relevant to 5G technologies.

Working Experience:

As a Security Test Architect specializing in IMS (IP Multimedia Subsystem) products within the telecommunications sector, my role was focused on designing, implementing, and managing comprehensive security testing frameworks and strategies for IMS-based solutions. My responsibilities encompassed ensuring the security of IMS products through structured testing methodologies, risk assessment, vulnerability management, and compliance with industry security standards.

Key Responsibilities:

Security Test Strategy & Architecture Design: Led the design and implementation of robust security testing strategies for IMS-based products, ensuring that security is embedded throughout the product lifecycle. Developed security test architectures that aligned with the organization’s broader security objectives and compliance requirements.

Compliance & Regulatory Standards: Ensured that IMS products adhered to industry standards and regulatory requirements, such as 3GPP, OWASP, ISO/IEC 27001, and NIST. Led security audits and ensured that IMS products met the necessary compliance criteria for data protection, privacy, and network security.

Risk Assessment & Vulnerability Management: Conducted risk assessments and vulnerability analysis for IMS components and their integration with other network elements. Managed the end-to-end process of identifying, categorizing, and mitigating vulnerabilities in both the IMS core and the access network.

Penetration Testing & Threat Modeling: Led and coordinated penetration testing efforts targeting IMS network elements (e.g., Call Session Control Function (CSCF), Application Servers (AS), Media Servers (MS)) and the interfaces between IMS and external networks (SIP, Diameter, etc.). Developed and executed threat models to simulate potential attack vectors and assess the system’s resilience against known and emerging threats.

Security Test Planning & Execution: Designed detailed security test plans and test cases to validate the security posture of IMS products. Ensured all aspects of security were tested, including authentication, authorization, confidentiality, integrity, and availability of the IMS network elements.

Security Requirements Definition: Collaborated with product management, engineering, and compliance teams to define security requirements for new IMS product features and enhancements. Worked with cross-functional teams to ensure that security requirements were understood and embedded into the design and development phases of IMS product development.

Incident Response & Post-Testing Analysis: Provided expertise in incident response for any security incidents identified during testing. Analyzed security flaws and vulnerabilities discovered through testing and led remediation efforts in collaboration with development teams. Ensured that issues were resolved before the product was deployed to production.

Security Monitoring & Reporting: Managed security reporting for senior management and stakeholders, providing insights on the results of security testing and the overall security posture of IMS products. Reported on critical vulnerabilities, the impact of security risks, and the status of ongoing remediation activities.

Collaboration with External Partners: Worked with external vendors, service providers, and telecom operators to ensure that IMS-based solutions were compliant with external security standards and properly integrated with other network elements in a secure manner.

Security Training & Mentorship: Provided training and mentorship to junior security testers and architects. Delivered workshops and created knowledge-sharing resources on security testing best practices for IMS solutions, network security, and emerging security threats in the telecom industry.

Leading Technical Testing Team: Led and provided technical guidance to a highly skilled testing team to ensure that the CFX5000 IMS product was compliant with Nokia's stringent security requirements. This included ensuring the product met industry standards such as ISO 27001, NIST, and GDPR security requirements. Ensured comprehensive coverage of security best practices for data protection and regulatory compliance across all stages of product development and deployment.

End-to-End System Security on Multiple Platforms: Worked on CFX5000 product deployment across a variety of environments, including BareMetal (DELL, HP, ATCA HW), Cloud (OpenStack, VMWare), and Cloud Native (Docker, Kubernetes) platforms. Ensured that each deployment environment had end-to-end security coverage, validating security across all system layers—from hardware to cloud and cloud-native components.

System Vulnerability Exposure & External Attack Resilience: Focused testing efforts on exposing potential system vulnerabilities and validating the product’s resilience to external attacks, including port scanning, to identify open ports and unauthorized entry points. Conducted penetration testing to evaluate the system’s ability to withstand various attack scenarios.

DDoS Protection & Safeguarding: Ensured that the CFX5000 product was protected against Denial of Service (DoS) and Distributed Denial of Service (DDoS)attacks by simulating large-scale attacks and validating the system’s defense mechanisms against these threats. Evaluated the scalability of the product to ensure uninterrupted service during high-traffic conditions.

Platform Security Hardening & Vulnerabilities Testing: Conducted platform security hardening testing to ensure that the CFX5000 product adhered to industry best practices for system hardening. Additionally, tested the product for web vulnerabilities (e.g., SQL injection, cross-site scripting) to ensure that web-facing components were secure.

Container Image Vulnerability Scanning: Utilized Anchore to perform vulnerability scanning of container images, ensuring that security risks within containerized environments were identified and mitigated. Collaborated with DevOps teams to integrate vulnerability scanning into the CI/CD pipeline.

Cloud Infrastructure Security (CBAM & CBIS): Worked extensively with Nokia CBAM (Cloud-Based Architecture Management) and CBIS (Cloud-Based Infrastructure Services) to ensure the CFX product family adhered to security best practices in cloud environments. This involved working on both security configuration and compliance within the cloud infrastructure.

Automation Framework (Robot): Utilized the Robot Framework to automate testing processes for the CFX5000 product family, ensuring consistent and repeatable security tests. This automation not only enhanced testing efficiency but also ensured comprehensive coverage for regression testing, particularly in cloud and containerized environments.

Working Experience:

Worked on Nokia’s Single RAN product line with a focus on Platform Security, Application Security, Penetration Testing, Vulnerability Assessment, Network Security, and Data Privacy Protection. Ensured product compliance with Nokia security policies and DFSec (Design for Security)requirements across Flexi family RAN products.

My role involved driving comprehensive security testing efforts across platform security, application security, network security, and data privacy protection for RAN solutions, while identifying vulnerabilities and ensuring robust defenses against cyber threats.

Key Responsibilities:

Security Policy Compliance: Worked as a security specialist to ensure that the Single RAN product adhered to Nokia's security policies, guidelines, and industry security standards such as ISO/IEC 27001 and NIST. I led the initiative to assess and validate security compliance across all product layers to guarantee end-to-end protection.

High-Level Design & Test Strategy Preparation: Spearheaded the design and planning of security testing strategies, ensuring that the Single RAN product complied with DFS (Design for Security) requirements. This involved preparing test scenarios based on potential security risks and modeling real-world attack scenarios to assess system weaknesses.

Identifying Test Content & Scenarios for New Features: Identified test content and scenarios for new features of RAN products, ensuring that all potential security flaws and vulnerabilities in the feature development process were addressed. I worked closely with engineering teams to ensure that security testing was integrated into the development lifecycle from the outset.

System Vulnerability Scanning: Identified and tested the system’s resistance to various vulnerabilities such as insecure configurations, unauthorized access, and exploitable bugs.

External Attack Resilience: Evaluated the system's robustness to external attacks, simulating various attack vectors, including Denial of Service (DoS), Distributed Denial of Service (DDoS), SQL injection, and cross-site scripting (XSS).

Functional Testing & Platform Security Hardening: Led functional security testing efforts, ensuring that RAN systems adhered to best practices in platform security hardening. Focused on eliminating potential risks associated with platform configurations, permissions, and user access.

Web Vulnerabilities Testing: Conducted thorough web vulnerabilities testing, ensuring that the RAN solution's web interfaces were secure from common web-based threats such as cross-site scripting (XSS), SQL injection, and session hijacking.

Vulnerability Assessment Using Tenable.sc/Nessus PRO: Used tools like Tenable.sc and Nessus PRO to perform vulnerability assessments and identify potential weaknesses in the system. I generated reports detailing the discovered vulnerabilities, prioritized them based on risk severity, and proposed mitigation strategies to reduce the security risks associated with each vulnerability.

Analysis and Recommendations for Mitigating Vulnerabilities: Analyzed security findings from assessments and testing and provided detailed recommendations to mitigate identified vulnerabilities. Worked closely with development and operations teams to ensure that recommended changes were implemented effectively and that security fixes were applied in a timely manner.

Risk Assessment & Threat Modeling: Conducted risk assessments and threat modeling for the network architecture of the Single RAN product, identifying potential threat vectors, vulnerabilities, and attack surfaces. I worked with the security architecture team to define mitigation strategies and ensure that the network architecture was resilient to security threats.

E2E System-Level Testing for Platform Violations: Conducted end-to-end (E2E) system-level security testing on RAN products, particularly focusing on platform security violations. This included validating the security of various system components and ensuring that any vulnerabilities or configuration errors at the platform level were identified and addressed.

Automation with Robot Framework: Utilized Robot Framework for automating security tests, including functional security tests, vulnerability scanning, and regression testing. The integration of Robot Framework in the testing pipeline allowed for more efficient, consistent, and repeatable testing, reducing human error and increasing test coverage.

Key Responsibilities:

Led a team of 8 engineers in the Integration & Verification (I&V) of multiple technologies, including WCDMA, GSM, and LTE. Managed the testing of BTS System Modules (SM) and various Radio Modules (RFM), ensuring full functionality across multiple platforms.

Focused on planning and executing both New Features and Regression Test Cases (TCs), with responsibility for case execution and pronto (bug) reporting for RU50, RU50 EP1, RG40, GF16, GFC, GF16.5, SBTS, and IoT.

Led Single RAN System Integration & Verification (I&V) for live SRAN networks, covering WCDMA, GSM, and LTE technologies, ensuring alignment with Nokia & 3GPP specifications, particularly in radio cluster integration and ensured timely execution of tests and provided detailed analysis and reports for effective problem resolution.

Initiated work on Cloud BTS (SBTS), IoT, and 5G, expanding expertise in cutting-edge telecom technologies.

Directed the I&V team for RU50 & RG40 projects, focusing on Radio Resource Management (RRM), BTS Solutions (BS), Control Plane (CP), Telecom (TCOM), Baseband (BB), and DSP domains.

Oversaw comprehensive testing areas, including Functionality, Feature, Regression, Release, Ad Hoc, Continuous Integration (CI), Inheritance, and Performance Testing.

Led Performance (EDGE) testing within the GSM domain, ensuring optimized performance.

Directed a major new feature initiative: 3RAT RF Sharing, VSWR Monitoring, and BCCH Energy Savings, integrating WCDMA, GSM, and LTE technologies within a shared Radio Module resource.

Prepared detailed Feature Documents, Test Case Plans, Execution Reports, Pronto Reports, and QC Reporting through P7 closure.

Managed Regression, New Feature, and Performance Testing up to BTS/NodeB I&V level.

Contributed to the Single RAN 16 releases for WCDMA 16 & GSM16, ensuring thorough testing and validation.

Conducted Protocol Analysis of interfaces in WCDMA System Architecture (NBAP, Abis, MAC, RLC, RRC).

Delivered Technical Training and Mentorship to I&V teams, particularly within the WCDMA domain.

Coordinated Root Cause Analysis and fault resolution as the I&V Fault Coordinator, driving improvements in internal I&V processes.

Key Responsibilities:

Solely managed Node-B-related escalations across India, providing timely solutions for both NSN field engineers and customers, ensuring smooth project delivery.

Provided technical support and product demonstrations to 8 major customers, resulting in recognition as a top performer within the Network Implementation (NI) team for exceptional Node-B support.

Acted as the central solution expert for NSN’s 3G Solution Team, handling all Node-B issues and providing end-to-end technical solutions across various domains.

Delivered comprehensive WCDMA product training to field engineers before network rollouts, enhancing deployment efficiency.

Led WCDMA trial and pilot projects and conducted hardware demonstrations to customers.

Supervised and planned 3G network deployment projects across India, ensuring timely and efficient rollouts.

Provided end-to-end technical support for Node-B to RNC connectivity, including troubleshooting and resolution of connectivity issues.

Supported installation and commissioning of WCDMA Node-B, transmission equipment, RNC, and Core nodes (MSS, HLR, MGW, SGSN, GGSN, Cisco & Juniper Routers).

Prepared technical documentation and product support materials for customers and vendors, ensuring smooth product line introduction and deployment.

Key Responsibilities:

Led a team of 8 engineers and technicians in the implementation of telecom infrastructure and BTS installations.

Managed end-to-end deployment of BTS sites, including installation, commissioning, and integration of Ericsson RBS models (2202, 2206, 2216, 2964).

Conducted site surveys for Vodafone network swap projects to assess technical feasibility and requirements.

Supervised GSM and microwave antenna installation, M/W link alignment, and indoor/outdoor BSS setup.

Performed VSWR and return loss measurements using Anritsu and Bird Site Master equipment.

Oversaw traffic routing between BSC and BTS; handled alarm extensions and transmission node integration.

Coordinated with Ericsson and Vodafone teams for site planning, installation, and project execution.

Ensured timely project delivery while supporting vendors and maintaining quality and safety standards.

Key Responsibilities:

Managed end-to-end deployment of telecom infrastructure and BTS (Base Transceiver Station) sites for BSNL’s GSM network in the Chhattisgarh Circle.

Supervised all phases of network rollout—from site excavation and civil works to installation, commissioning, and final on-air activation.