Senior Technical Advisor - Cyber Security
Posted on Mar 24, 2021 by Ofcom
Working closely with other members of the Network Security team, this role is responsible for establishing and supporting the roll out of a network security regime for the communication providers. The role will require in depth knowledge of communication providers and demonstrate technical insights to help develop and implement guidance on network topology, security, operations and processes so that Ofcom's policy position and approach to the regulation of these new network security requirements is effective appropriate and measurable. This role provides technical insights and supports the delivery of telecoms security framework for Communications Providers
Requirements of role
- You'll be integral to the roll out, management and monitoring of a programme promoting the adoption of the new legislation underpinning the TSR. This will include maintaining and supporting a compliance monitoring regime that will provide annual report to the SOS (Secretary of State) for DCMS . This will include, supporting the development and drafting a "code of Practise", compliance guidance, and requesting evidence to support CP assessment including carrying out and/or managing compliance assessments against that "code" .
- You'll work with other members of the team in responding to and assessing telecoms and digital infrastructure company responses to security and resilience incidents that occur in their infrastructure which are reported to Ofcom.
- You'll collaborate with our colleagues in other Ofcom investigations teams to provide technical support in relation to any enforcement activity.
- You'll partner with industry stakeholders, Government and other relevant agencies to ensure policy goals are aligned and effectively coordinated.
Skills, Knowledge and experience
- You'll have experience of carrying out security assurance assessments/audits and managing remediation plans, within the Communication Provider/Telco and mobile sector.
- You'll understand the types of threat actors that would target Ofcom's regulated sector and cyber security threats they present.
- You'll be capable of evaluating technical vulnerabilities and identifying reasonable and appropriate control measures.
- You'll have experience across cyber security risk management domains: strategy; governance and risk management; protection, detection, response, recovery and resumption of services; situational awareness; testing.
- You'll understand network topologies including fixed and mobile.
- You'll have in-depth technical knowledge of Supply chain management and vendor contractual arrangements.
- You'll have experience in the practical application of leading cyber standards and guidance (i.e. 10 Steps to Cyber Security).
- You'll maintain an ongoing awareness of current and emerging telecoms technologies, perhaps through training, industry liaison and identifying, commissioning and managing specific external technical research projects.
- You'll have an excellent level of written and oral communication skills.
- You'll have an appreciation of, and desire to promote, Ofcom's values.
You may also have:
- Experience and understanding of managing and monitoring security assurance programmes.
- Experience of project management including developing and delivering against plans, managing risks and issues along the way.
- An appreciation of one or more of these technical areas:
- Virtualisation of telecoms networks functions
- Telecoms signalling systems
- Third party network access
- User identity management
- Asset management
- Auditing and testing
- An appreciation of the regulatory environment.
- Preferably educated to degree level (or equivalent).
- Relevant professional qualifications, such as such as CiSP or CISM
- Competitive Salary
- Market-Leading Pension Scheme
- Private Medical
- Group Income Protection
- Life Assurance
- Flexible Working
- 25 Days Holiday + Birthday Day Off