Job Title: Penetration Tester (Telecoms) - TSA M1.02 Compliance
Location: West London (Hybrid - 2 days per week onsite)
Contract Length: 3 months
IR35 Status: Inside IR35
Job Summary:
We are seeking an experienced Penetration Tester with a strong background in telecommunications security to support compliance efforts around Telecommunications Security Act (TSA) M1.02. This role will involve conducting penetration tests, vulnerability assessments, and security evaluations to ensure the organisation meets regulatory compliance standards.
Key Responsibilities:
Perform penetration testing and vulnerability assessments on telecoms networks and infrastructure in line with TSA M1.02 requirements.
Identify security weaknesses, exploit potential vulnerabilities, and provide actionable remediation recommendations.
Support compliance activities by aligning security testing with TSA regulations.
Produce comprehensive security assessment reports detailing findings, risk levels, and mitigation strategies.
Work collaboratively with internal security teams and stakeholders to enhance security postures.
Provide expert guidance on securing telecoms environments against emerging threats.
Stay updated with evolving TSA M1.02 standards and cyber threat landscapes.
Required Skills & Experience:
Proven experience in penetration testing within telecommunications environments.
Strong knowledge of TSA M1.02 compliance and associated security controls.
Hands-on experience with security assessment tools such as Burp Suite, Metasploit, Nmap, Wireshark, and Kali Linux.
Familiarity with mobile networks (2G, 3G, 4G, 5G), VoIP, and telecoms infrastructure security.
Experience with network security testing, web application security, and cloud security assessments.
Relevant security certifications such as OSCP, CREST, GIAC, or similar.
Strong report writing and communication skills, with the ability to convey technical findings to both technical and non-technical audiences.
Ability to work both independently and collaboratively in a hybrid work environment.
Preferred Experience:
Prior experience working within a regulatory compliance framework (TSA, NIS, ISO 27001, etc.).
Understanding of critical national infrastructure (CNI) security.
Familiarity with scripting and automation (Python, PowerShell, Bash, etc.).
Please apply with your up to date CV if you are interested.
