Mar 31, 2021Full time
Ofcom exists to make communications work for everyone. We regulate the TV, radio and video-on-demand sectors, fixed and mobile telecoms, postal services, plus the airwaves over which wireless devices operate. We are also helping to inform the ongoing debate about the future of online regulation. Our culture is shaped by four corporate values: excellence, agility, collaboration and empowerment. Purpose of role Working closely with other members of the Network Security team, this role is responsible for establishing and supporting the roll out of a network security regime for the communication providers. The role will require in depth knowledge of communication providers and demonstrate technical insights to help develop and implement guidance on network topology, security, operations and processes so that Ofcom's policy position and approach to the regulation of these new network security requirements is effective appropriate and measurable. This role provides technical insights and supports the delivery of telecoms security framework for Communications Providers Requirements of role You'll be integral to the roll out, management and monitoring of a programme promoting the adoption of the new legislation underpinning the TSR. This will include maintaining and supporting a compliance monitoring regime that will provide annual report to the SOS (Secretary of State) for DCMS . This will include, supporting the development and drafting a "code of Practise", compliance guidance, and requesting evidence to support CP assessment including carrying out and/or managing compliance assessments against that "code" . You'll work with other members of the team in responding to and assessing telecoms and digital infrastructure company responses to security and resilience incidents that occur in their infrastructure which are reported to Ofcom. You'll collaborate with our colleagues in other Ofcom investigations teams to provide technical support in relation to any enforcement activity. You'll partner with industry stakeholders, Government and other relevant agencies to ensure policy goals are aligned and effectively coordinated. Skills, Knowledge and experience You'll have experience of carrying out security assurance assessments/audits and managing remediation plans, within the Communication Provider/Telco and mobile sector. You'll understand the types of threat actors that would target Ofcom's regulated sector and cyber security threats they present. You'll be capable of evaluating technical vulnerabilities and identifying reasonable and appropriate control measures. You'll have experience across cyber security risk management domains: strategy; governance and risk management; protection, detection, response, recovery and resumption of services; situational awareness; testing. You'll understand network topologies including fixed and mobile. You'll have in-depth technical knowledge of Supply chain management and vendor contractual arrangements. You'll have experience in the practical application of leading cyber standards and guidance (i.e. 10 Steps to Cyber Security). You'll maintain an ongoing awareness of current and emerging telecoms technologies, perhaps through training, industry liaison and identifying, commissioning and managing specific external technical research projects. You'll have an excellent level of written and oral communication skills. You'll have an appreciation of, and desire to promote, Ofcom's values. You may also have: Experience and understanding of managing and monitoring security assurance programmes. Experience of project management including developing and delivering against plans, managing risks and issues along the way. An appreciation of one or more of these technical areas: Virtualisation of telecoms networks functions Telecoms signalling systems Third party network access User identity management Asset management Auditing and testing An appreciation of the regulatory environment. Qualifications Preferably educated to degree level (or equivalent). Relevant professional qualifications, such as such as CiSP or CISM Benefits Competitive Salary Flex-Allowance Market-Leading Pension Scheme Private Medical Group Income Protection Life Assurance Flexible Working 25 Days Holiday + Birthday Day Off Diversity and Inclusion Ofcom is a forward-thinking, inclusive employer and recognises the value of diversity to truly "make communications work for everyone". We welcome applications from suitably qualified applicants whatever their background, especially women, disabled and Black, Asian and Minority Ethnic background candidates as they are currently under-represented in our workforce. As a Disability Confident employer we guarantee to interview any disabled applicant who meets the essential selection criteria. We have an agile working model allowing us to have a location-neutral approach to filling our roles. We also support flexible ways of working, wherever possible. Our colleagues are free to move around all our offices, enabling them to work alongside and collaborate with other teams and groups. These initiatives help Ofcom colleagues to work flexibly in way that supports them.