About this role
Phone numbers and emails in this ad are masked until you log in.
auto_translated_note
This role is responsible for leading Nasstar’s compliance with the Telecoms Security Act (TSA) and associated Ofcom regulatory
Requirements
, ensuring the organisation can evidence a robust and defensible security posture.As a key member of the Risk & Compliance function, this role operates at the intersection of regulation and technology, partnering closely with engineering, security, and operational teams to translate regulatory expectations into practical, real-world control effectiveness.This is a high-impact role with visibility across senior stakeholders and direct relevance to the protection of critical national infrastructure.
Key Responsibilities
TSA Compliance & Regulatory Engagement · Lead delivery of Telecoms Security Act compliance activities. Coordinate responses to Ofcom information requests and regulatory submissions. Interpret TSA Code of Practice measures and translate into business and technical actions.Technical Assurance & Evidence ValidationPartner closely with Core Engineering, Voice, OSS, Operations, Procurement and IT & Security teams to gather required information.
Review and validate technical, architectural, and operational evidence. Provide effective, evidence-based challenge and ensure submissions are complete, accurate, and aligned to regulatory expectations. Risk & Control AssessmentIdentify gaps in evidence, control weaknesses, and areas requiring remediation.
Assess adequacy of compensating controls where full compliance is not achieved. Apply risk scoring in line with Nasstar’s risk management framework. Focus on risks impacting Security Critical Functions and supporting network oversight capabilities.Framework Alignment & GovernanceAlign TSA
Requirements
with broader frameworks such as NCSC CAF, ISO 27001 and HSCN. Support governance reporting and risk committee discussions. Contribute to the development of internal assurance and control frameworks.Third-Party Security & Contractual OversightReview and advise on supplier contracts to ensure security obligations are appropriate and enforceable.
Support Legal & Procurement with security
Requirements
and risk considerations. Contribute to third-party risk and assurance activities. Skills, Knowledge and ExpertiseExperienced in one or more of the following areas:Telecoms or network service provider environmentsCyber security, network security, or infrastructure securityRisk, compliance, or regulatory assurance within technology functionsSupporting or responding to regulatory frameworks (e.g.
TSA, NCSC CAF, ISO 27001, NIS)Experience operating in a second line (GRC) or assurance capacity, rather than hands-on engineering or operational deliveryAbility to engage with asset owners and technical SMEs to:Extract relevant control evidenceValidate that controls are appropriately designed and operatingChallenge where control coverage or assurance appears insufficientAt least one certification from the following:(ISC)² / ISACA:CISSP - Certified Information Systems Security Professional CISM Certified Information Security Manager CRISC Certified in Risk and Information Systems Control Industry Network Security Certifications (desirable):CCNP Security / CCSP / CCNA Security CompTIA Security+ / Network+ Equivalent vendor or industry-recognised certifications Demonstrated ability to interpret technical concepts and align them to security or regulatory
Requirements
. And assess control effectiveness and identify gaps or weaknesses.Experience within a regulated telecoms environment, particularly under either Telecoms Security Act (TSA) or Ofcom regulatory engagement.
Benefits
At Nasstar, we know the importance of looking after our employees - after all, it’s the team that underpins our business!In addition to a competitive salary, supportive teams, and a real opportunity to progress in your career with a forward-thinking organisation, our
Benefits
package includes:25 days’ holiday (excluding bank holidays) + Your Birthday OffFlexible working - it’s important to maintain a work/life balance, as such, we will consider any written request for flexible workingVirtual working - we practice what we preach and empower our people to work remotelyTop tech - Leading services and solutions aren’t just for our clients; we supply best-of-breed software and hardware for all our staff too4x annual salary life assuranceHealth cash planRetail discounts and other perks from major brandsOriginally posted on Himalayas
Community Q&A
Anyone worked here? Ask before you apply.
No threads yet for this job or company.