Nasstar

Senior Security Control Manager

Nasstar  •  Remote  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Senior Security Control Manager

Department: Connectivity

Employment Type: Permanent

Location: Remote, UK

This role is responsible for leading Nasstar’s compliance with the Telecoms Security Act (TSA) and associated Ofcom regulatory requirements, ensuring the organisation can evidence a robust and defensible security posture.

As a key member of the Risk & Compliance function, this role operates at the intersection of regulation and technology, partnering closely with engineering, security, and operational teams to translate regulatory expectations into practical, real-world control effectiveness.

This is a high-impact role with visibility across senior stakeholders and direct relevance to the protection of critical national infrastructure.

Key Responsibilities

TSA Compliance & Regulatory Engagement ·
  • Lead delivery of Telecoms Security Act compliance activities.
  • Coordinate responses to Ofcom information requests and regulatory submissions.
  • Interpret TSA Code of Practice measures and translate into business and technical actions.
Technical Assurance & Evidence Validation
  • Partner closely with Core Engineering, Voice, OSS, Operations, Procurement and IT & Security teams to gather required information.
  • Review and validate technical, architectural, and operational evidence.
  • Provide effective, evidence-based challenge and ensure submissions are complete, accurate, and aligned to regulatory expectations.
Risk & Control Assessment
  • Identify gaps in evidence, control weaknesses, and areas requiring remediation.
  • Assess adequacy of compensating controls where full compliance is not achieved.
  • Apply risk scoring in line with Nasstar’s risk management framework.
  • Focus on risks impacting Security Critical Functions and supporting network oversight capabilities.
Framework Alignment & Governance
  • Align TSA requirements with broader frameworks such as NCSC CAF, ISO 27001 and HSCN.
  • Support governance reporting and risk committee discussions.
  • Contribute to the development of internal assurance and control frameworks.
Third-Party Security & Contractual Oversight
  • Review and advise on supplier contracts to ensure security obligations are appropriate and enforceable.
  • Support Legal & Procurement with security requirements and risk considerations.
  • Contribute to third-party risk and assurance activities.

Skills, Knowledge and Expertise

Experienced in one or more of the following areas:
  • Telecoms or network service provider environments
  • Cyber security, network security, or infrastructure security
  • Risk, compliance, or regulatory assurance within technology functions
  • Supporting or responding to regulatory frameworks (e.g. TSA, NCSC CAF, ISO 27001, NIS)
Experience operating in a second line (GRC) or assurance capacity, rather than hands-on engineering or operational delivery

Ability to engage with asset owners and technical SMEs to:
  • Extract relevant control evidence
  • Validate that controls are appropriately designed and operating
  • Challenge where control coverage or assurance appears insufficient
At least one certification from the following:
(ISC)² / ISACA:
CISSP – Certified Information Systems Security Professional CISM
Certified Information Security Manager CRISC
Certified in Risk and Information Systems Control

Industry Network Security Certifications (desirable):
CCNP Security / CCSP / CCNA Security CompTIA Security+ / Network+
Equivalent vendor or industry-recognised certifications

Demonstrated ability to interpret technical concepts and align them to security or regulatory requirements. And assess control effectiveness and identify gaps or weaknesses.

Experience within a regulated telecoms environment, particularly under either Telecoms Security Act (TSA) or Ofcom regulatory engagement.

Benefits

At Nasstar, we know the importance of looking after our employees – after all, it’s the team that underpins our business!

In addition to a competitive salary, supportive teams, and a real opportunity to progress in your career with a forward-thinking organisation, our benefits package includes:
  • 25 days’ holiday (excluding bank holidays) + Your Birthday Off
  • Flexible working – it’s important to maintain a work/life balance, as such, we will consider any written request for flexible working
  • Virtual working – we practice what we preach and empower our people to work remotely
  • Top tech – Leading services and solutions aren’t just for our clients; we supply best-of-breed software and hardware for all our staff too
  • 4x annual salary life assurance
  • Health cash plan
  • Retail discounts and other perks from major brands
Nasstar

About Nasstar

Complexity isn’t the enemy. Navigating it alone is.

For nearly three decades, Nasstar have helped organisations navigate next-generation technology with confidence.

And we don’t just build it. We can manage it too.

From keeping you connected securely to helping you get more from your data, our people spot opportunities, fix real issues, and support you every step of the way.

Industry
IT & Software
Company Size
501-1,000 employees
Headquarters
Wakefield , GB
Year Founded
1998
Social Media