Role: Security Consultant
Division: Consulting & Implementation (C&I)
Role Purpose
Our world is getting ever more dependent on connectivity, and this is your opportunity to join our Telecommunications Assurance Practice, focussed on delivering world-class cyber security assurance services to help our telecoms industry customers worldwide improve the cyber resilience of their networks and services.
Typical role duties will include security assurance activities such as penetration testing, security analysis, and cutting-edge research into current and evolving network systems and attacks broadly, but with a specific focus on the unique operations of a telecoms industry customer.This work may also include working closely with our risk assurance colleagues to assist customers in achievingtechnical compliance with regulatory schemes such as the UK Telecommunication Security Act (TSA).
You’ll need to have experience of working within a telecoms environment, ideally in security role though this isn’t always a requirement. You may have, for example, worked as an engineer in a mobile operator, as a network architect in a fixed line operator or as a test engineer in a network equipment manufacturer in which case you would need to have a good understanding of network security and a drive to learn more. You may already work in a security-related role and are looking to join a leading team of telecommunications security professionals to develop your experience.
Key Accountabilities
You will spend most of your day thinking about telecommunications systems and how you can expose vulnerabilities that may be used to undermine their operation. This is a very creative job that gives individuals a lot of freedom to be innovative while learning new technologies at a very fast pace.
Engagements could include testing of mobile networks (2-5G), fixed line networks (broadband), optical, transmission or microwave. NCC Group works with operators and vendors globally in assuring their networks or systems.
Typical engagements will pair you with another experienced security consultant, and you will learn from each other along the way. Engagements are usually 2-4 weeks long though can be significantly longer owing to the complexities of the technologies used.
You will also be a security researcher, with dedicated research time, focussed on telecommunications-related areas of interest (e.g. AI based network automation, container use in NFVi, protocol robustness etc.).
The work that you do will have enormous impact in making the often critical, telecommunications systems people use more resilient and safer.
Activities
Deliver security assurance to telecoms customers globally. This may include:
1. Penetration Testing
2. Applied Research
3. Scenario-based testing
4. Threat-Intelligence led Red Teaming
5. Technical input to support regulatory compliance
6. Any other type of bespoke security assurance required
Depending on the job level, you may also need to:
7. Lead complex multi-week or multi-month client engagements
8. Participate in scoping efforts when proposing work for telecommunications projects
9. Mentor other consultants in your areas of expertise
10. Perform final review on deliverables such as reports and whitepapers
What we are looking for in you:
11. Hands-on experience of testing telecommunications networks and systems
12. A good understanding of network security (e.g. VLANs, Firewalls etc.)
13. Network Security Assessments
14. Security Design Reviews
15. Threat modelling and attack surface enumeration
16. Network protocol reverse engineering
17. Web application security assessment
18. Low-Level application security assessment (firmware, kernel)
19. Exploit research and development
20. Kubernetes security principles
21. NFV technologies including virtualisation (VMWare or OpenStack etc.)
Behaviors
22. Focusing on Clients and Customers.
23. Working as One NCC.
24. Always Learning.
25. Being Inclusive and Respectful.
26. Delivery Brilliantly.
27. Enabling Performance
28. Looking Externally
Why NCC Group?
At NCC Group, our mission is to create a more secure digital future. That mission underpins everything we do, from our work with our incredible clients to groundbreaking research shaping our industry. Our teams' partner with clients across a multitude of industries, delving into, securing new products, and emerging technologies, as well as solving complex security problems. As global leaders in cyber and escrow, NCC Group is a people-powered business seeking the next group of brilliant minds to join our ranks.
Our colleagues are our greatest asset, and NCC Group is committed to providing an inclusive and supportive work environment that fosters creativity, collaboration, authenticity, and accountability. We want colleagues to put down roots at NCC Group, and we offer a comprehensive benefits package, as well as opportunities for learning and development and career growth. We believe our people are at their brilliant best when they feel bolstered in all aspects of their well-being, and we offer wellness programs and flexible working arrangements to provide that vital support.
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits;
⏰Flexible working
Financial & Investment
29. Pension
30. Life Assurance
31. Share Save Scheme
32. Maternity & Paternity leave
Community & Volunteering Programmes
⚡ Green Car Scheme
Cycle Scheme
Healthcare
️ Office Lifestyle
Employee Referral Program
Lifestyle & Wellness
Learning & Development
Diversity & Inclusion
So, what’s next?