Senior Technical Advisor - Telecoms Network Security

Working closely with other members of the Network Security team, you will be responsible for establishing and supporting the roll out of a network security regime for the communication providers. This role will require you to have in depth knowledge of communication providers and demonstrate technical insights to help develop and implement guidance on network topology, security, operations and processes so that Ofcom's policy position and approach to the regulation of these new network security requirements is effective appropriate and measurable. This role will require you to provide technical insights and support the delivery of a new telecoms security framework for Communications Providers

Ofcom has had responsibilities for communications network security and resilience for several years and has recently received new responsibilities in this area. In the light of the increasing economic and social significance of communications and services, the security and resilience of fixed and mobile networks and services is becoming more important and we are taking proactive steps to ensure that they are designed and operated to meet the needs and expectations of users.

Key Responsibilities include

Work with other members of the team in responding to and assessing telecoms and digital infrastructure company responses to security and resilience incidents that occur in their infrastructure which are reported to Ofcom. Ensuring enough information is present to deliver a sound security risk assessment.

Support the roll out, management and monitoring of a programme promoting the adoption of the new legislation underpinning the TSR. This will include maintaining and supporting a compliance monitoring regime that will provide annual report to the SOS (Secretary of State) for DCMS. This will include, supporting the development and drafting a "code of Practise", compliance guidance, and requesting evidence to support CP assessment including carrying out and/or managing compliance assessments against that "code".

Work with colleagues in Ofcom investigations teams to provide technical support in relation to any enforcement activity.

Work with industry stakeholders, Government and other relevant agencies to ensure policy goals are aligned and effectively coordinated., Maintains UK security clearance or is willing to undergo a vetting check (once started), as this is a requirement for the role.

Ofcom has a clear mission: to make communications work for everyone. To be able to deliver on this, we want our organisation to reflect the diversity of background, experience, upbringing and thought that exists across the UK. We aim to recruit from the widest pool of candidates possible - no matter your social background, ethnicity, sexual orientation, gender or disability.

Where positions are listed as full-time, we remain open to reduced hours, part-time arrangements, job shares, and other flexible working options. From day one, we champion flexible work arrangements to accommodate individual needs.

We also warmly welcome applicants who are returning to the workforce after a break - for whatever reason. If you have taken time away and are ready to rejoin, we look forward to reviewing your application.

Experience and understanding of conducting security assurance assessments and audits and managing remediation plans, within a Communications Provider (mobile, fixed, internet).

Understanding of the types of threat actors that would target Ofcom's regulated sector and the cyber security threats they present.

Experience with evaluating technical vulnerabilities and identifying reasonable and appropriate control measures Knowledge of vendor risk assessment and evaluation.

Experience in fixed and mobile signalling (GSM through to 5G) and virtualisation from a telecoms perspective.

Experience across all cyber security risk management domains (strategy; governance and risk management; protection, detection, response, recovery and resumption of services; situational awareness; testing).

Understanding of fixed and mobile architectures, standards and GSMA deployment guidance.

Experience in practical application of best practice as it pertains to the technology under review.

Maintaining an ongoing awareness and understanding of current and emerging telecoms technologies, including via: ongoing training, industry liaison and identifying, commissioning and managing specific external technical research projects

Knowledge and understanding of human and physical security aspects of telecoms security, particularly where they form part of the threat, or mitigation.

Written and oral communication skills including clear and effective presentation to both internal and external audiences.

Appreciation of and desire to promote Ofcom's values of excellence, agility, empowerment and collaboration.

Desirable Skills/ Experience

Experience and understanding of managing and monitoring security assurance programmes.

Experience of project management including developing and delivering against plans, managing risks and issues along the way.

Experience and understanding of some of these technical areas:

Supply chain management and vendor contractual arrangements

Third party or managed services access and security

Sound understanding of network separation and high assurance systems management.

User identity management

Asset management

Auditing and testing

If you have experience and knowledge from a telecoms provider or a vendor in any of the following, then we would particularly welcome your application:

Virtualisation of telecoms network functions

Implementation of telecoms network functions or business systems within public cloud environments

Telecoms signalling systems and monitoring/defensive arrangements

Management of cryptographic material in telecoms networks including key derivation, management, revocation, distributions and hardware roots of trusts. Not limited to sim/esim

Knowledge of the regulatory environment.

Worked in a communications provider or a technology-based consultancy for several years., Relevant professional qualifications

Ofcom is the regulator for the communications services that we use and rely on each day. We make sure people get the best from their broadband, home phone and mobile services, as well as keeping an eye on TV and radio.

We also oversee the universal postal service, which means Royal Mail must deliver and collect letters six days a week, and parcels five days a week, at an affordable and uniform price throughout the UK.

We look after the airwaves used by wireless devices like cordless phones, walkie talkies and even some car keys and doorbells.

We also help to make sure people don't get scammed and are protected from bad practices. This is particularly important for vulnerable or older people.

Our duties come from Parliament. Our priority is to look after you, and we sometimes do this by promoting competition among companies we regulate.