- Location
- Remote, UK
- Workplace
- Remote
- Department
- Security
- Seniority
- Senior
- Source
- Pinpoint
Description
Senior Security Control Manager
Department: Connectivity
Employment Type: Permanent
Location: Remote, UK
Description
Key Responsibilities
- Lead delivery of Telecoms Security Act compliance activities.
- Coordinate responses to Ofcom information requests and regulatory submissions.
- Interpret TSA Code of Practice measures and translate into business and technical actions.
- Partner closely with Core Engineering, Voice, OSS, Operations, Procurement and IT & Security teams to gather required information.
- Review and validate technical, architectural, and operational evidence.
- Provide effective, evidence-based challenge and ensure submissions are complete, accurate, and aligned to regulatory expectations.
- Identify gaps in evidence, control weaknesses, and areas requiring remediation.
- Assess adequacy of compensating controls where full compliance is not achieved.
- Apply risk scoring in line with Nasstar’s risk management framework.
- Focus on risks impacting Security Critical Functions and supporting network oversight capabilities.
- Align TSA requirements with broader frameworks such as NCSC CAF, ISO 27001 and HSCN.
- Support governance reporting and risk committee discussions.
- Contribute to the development of internal assurance and control frameworks.
- Review and advise on supplier contracts to ensure security obligations are appropriate and enforceable.
- Support Legal & Procurement with security requirements and risk considerations.
- Contribute to third-party risk and assurance activities.
Skills, Knowledge and Expertise
- Telecoms or network service provider environments
- Cyber security, network security, or infrastructure security
- Risk, compliance, or regulatory assurance within technology functions
- Supporting or responding to regulatory frameworks (e.g. TSA, NCSC CAF, ISO 27001, NIS)
Ability to engage with asset owners and technical SMEs to:
- Extract relevant control evidence
- Validate that controls are appropriately designed and operating
- Challenge where control coverage or assurance appears insufficient
(ISC)² / ISACA:
CISSP – Certified Information Systems Security Professional CISM
Certified Information Security Manager CRISC
Certified in Risk and Information Systems Control
Industry Network Security Certifications (desirable):
CCNP Security / CCSP / CCNA Security CompTIA Security+ / Network+
Equivalent vendor or industry-recognised certifications
Experience within a regulated telecoms environment, particularly under either Telecoms Security Act (TSA) or Ofcom regulatory engagement.
Benefits
- 25 days’ holiday (excluding bank holidays) + Your Birthday Off
- Flexible working – it’s important to maintain a work/life balance, as such, we will consider any written request for flexible working
- Virtual working – we practice what we preach and empower our people to work remotely
- Top tech – Leading services and solutions aren’t just for our clients; we supply best-of-breed software and hardware for all our staff too
- 4x annual salary life assurance
- Health cash plan
- Retail discounts and other perks from major brands