Senior Security Risk Manager

We are PXC, the UK's largest provider of wholesale connectivity. Our vision is to be the UK's #1 wholesale platform, a one-stop shop provider of connectivity, voice, cloud and security underpinned by the UK's most robust, secure, resilient and reliable network.

Born from the combination of Virtual1 and TalkTalk's wholesale services and national network business, we operate across our 3 core sites (Salford, London and Skopje, North Macedonia).

Our mission is clear, to be the UK's best company to work for and best to work with. We believe this success is driven by the power of our employees. We empower our people to become true experts in their field who embody our values every day: we care; we challenge; we commit.

Security Risk Management are a high-performing team of Security Risk Managers enabling PlatformX to make risk-based decisions by effectively identifying and articulating the risks. They work closely with other teams in PlatformX to create holistic view of risks. Therefore, facilitating the business to make risk-based decisions. Reporting directly into the Lead Security Risk Manager, with no direct reports/people management duties.

The Senior Security Risk Manager would work with various teams within PlatformX to facilitate and be responsible for conducting supplier security due diligence activities and assessing security risks. Leveraging significant expertise across the PlatformX Security team, the Senior Security Risk Manager will be responsible to proactively identify and respond to risks and opportunities that could impact PlatformX's compliance with the Telecommunications (Security) Act 2021 (TSA) and help secure assets. With dynamic risk landscape, the Senior Security Risk Manager should ensure risks are promptly articulated to the business in a non-technical way to enable risk-informed decisions for clarity of prioritisation and investment.

• Responsible to identify and manage security risks relating to internal systems / applications and external / suppliers.
• Manage risk moderation exercises and influencing decisions by delivering substantiated recommendations.
• Responsible to conduct and maintain security risk assessments and supplier risk assessments.
• Review Security Declarations provided by suppliers as part of Telecom Security Act (TSA) requirements and compile reports to Senior Management.
• Provides advice and guidance on security strategies to manage identified risks in relation to suppliers in scope of TSA.
• Interprets information assurance and security policies and applies these in order to manage risks.
• Governs critical supplier relationships that deliver risk and security risk processes.
• Providing informative and timely updates on TSA in-scope suppliers and asset risks at appropriate senior governance forums. Supports security compliance audits such as TSA, security part of Financial Audit, ISO27001 and any other audit related activities.

Essential:

• Significant level of knowledge and experience in security, with demonstratable experience in security risk management.
• Excellent knowledge in security risk frameworks and best practices such as ISO27001, ISO27005, SOC2, NIST.
• CISSP, CISM and/or CRISC.

Desirable:

• Telecoms experience advantageous.

• Our brand new "PXC Flex" benefit launched in January 2025, which includes Flex30, an additional 30 hours* of leave every year for you to use how you wish
• Our hybrid working policy offers you flexibility to work from home 40% of the time, with the other 60% connecting with your colleagues in one of our accessible and collaborative office spaces
• A starting holiday allowance of 25 days* holiday and up to 10 extra days* leave via our holiday purchase scheme
• Free private healthcare for all employees, competitive pension scheme and the opportunity to earn bonus
• Free broadband for all employees plus gifts for major life events such as marriages and births
• Flexible salary sacrifice scheme including dental, gym and much more, plus a huge range of shopping and leisure discounts so you can save even more cash
• A range of inclusive employee networks to help integrate employees into life at PXC

(* Days and hours are based on a full-time employee's working pattern and leave is pro-rated for part-time employee)

At PXC, we know that diversity means success and innovation. We want our workplace to reflect the communities and customer we serve. Being inclusive is part of our DNA; we are all 100% human, and we create a culture where you can truly be yourself.

We're also not your usual 9-5. We are a dynamic workplace and we want to talk to you about how you like to work.