Security Regulatory Compliance Manager

Permanent

Reading – Hybrid-working

MBNL’s mission is to create maximum value for our shareholders by delivering and managing their best network experiences at the lowest cost. The Information Security department aims to minimize the impact of security events on MBNL business outcomes and protect the value of the business.

Context:

Reporting to the Head of Information Security, the Security Regulatory Compliance Manager is integral to safeguarding the organization's assets, ensuring smooth operations, and maintaining a positive reputation with key stakeholders, regulators, and the wider industry. This role ensures MBNL's compliance with security regulations such as TSA, DPA, and CSR, supporting program delivery, security teams, and managed service providers.

This role is also fundamental in ensuring MBNL meets its regulatory obligations under TSA by maintaining its ISO27001 certification. This is a hybrid role with a minimum of 2 days per week in our Central Reading office.

What you can expect to be doing:

• Deliver security regulatory compliance and manage associated governance and risk activities.
• Manage the overall compliance programme for TSA, CSR, and DPA regulations as well as assembling evidence for continuous compliance activities such as S135 returns.
• Balance regulatory compliance with business impact, ensuring controls are effective without hindering business operations.
• Oversee Managed Service Providers (MSPs) who manage IT and security for MBNL. Ensure they meet security regulatory compliance and MBNL security requirements.
• Chair and manage various governance forums. Gain agreements, understand and communicate issues, and guide stakeholders to agreeable positions.
• Co-operate with other members of the security, commercial teams as well as the wider business to drive supply chain eco-system to improved compliance.
• Effectively maintain and improve the compliance platform (SureCloud), the workflow process and data, ensure this stays up to date with the evolving compliance and framework landscape.
• Liaise with shareholder compliance and risk teams.

What we are looking for:

• Strong understanding of key Information Security frameworks and industry standards/regulations (CSF 2, CAF, ISO27001, TSA).
• Experience of initiating, overseeing, and managing compliance programmes and interacting with regulators and compliance teams.
• Proven relationship management of diverse teams of retained resource and key partners to deliver compliance objectives and outcomes.
• Experience of formal regulatory and standards compliance in a technology industry (mobile telecommunications desirable but not essential).
• A background of assuring a wide range of security solutions and services such as SIEM, IDS, SOC, IAM, PAM, TVM.
• A history of bringing industry best practice into an organisation and using this to drive continuous improvement.
• Demonstrable experience of managing and developing compliance programmes

Nice to have:

• ISO27001 audit experience, cloud security and budget management experience
• Experience working in telco or related environment such as, SCADA and ICS or similar background also applicable.

MBNL – building strength through inclusion.

At MBNL we embrace equality, diversity, and inclusion. People are at the heart of everything we do and collectively we strive to create an environment where everyone can flourish. By fostering an inclusive environment, we are championing each other’s uniqueness. Inclusion & Diversity within MBNL will unlock innovation and continue to evolve how we work, to help us deliver world class infrastructure for our Shareholders and their customers.

We will work creatively to offer flexible working arrangements, (like non-standard hours, part-time, remote working). We want to support you to build your career without sacrificing your personal priorities.

MBNL are proud recipients of the Armed Forces Covenant Gold Award, and Disability Confident accredited.