BAPON Technologies
Architect – TSA Cyber Security

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
TSA Cyber Security Architect
The TSA Cyber Security Architect is responsible for ensuring that telecommunications platforms, networks, applications and cloud solutions comply with the UK Telecommunications Security Act (TSA) and Secure by Design principles. The role provides security architecture leadership throughout the project lifecycle, ensuring regulatory compliance while reducing cyber risk across enterprise and telecom environments.
Key Responsibilities
- Review solution architectures for compliance with the UK Telecommunications Security Act (TSA).
- Provide security architecture guidance across Network, IT and Digital programmes.
- Conduct Secure by Design architecture assessments and security design reviews.
- Perform cyber risk assessments and recommend mitigation strategies.
- Ensure security requirements are embedded into Agile, DevSecOps and CI/CD delivery.
- Review end-to-end connectivity across telecom infrastructure.
- Define security requirements for cloud, on-premise and hybrid environments.
- Produce Security Architecture Documents (SAD), High Level Designs (HLD) and Low Level Designs (LLD).
- Review API, microservices and application security architecture.
- Work with Engineering, Architecture and Delivery teams to ensure compliance throughout project delivery.
- Support security testing, penetration testing and vulnerability remediation.
- Lead threat modelling workshops and architectural risk reviews.
- Support regulatory audits and compliance activities.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Technical Skills
- Strong understanding of UK Telecommunications Security Act (TCA/TSA) requirements.
- Secure by Design methodology.
- Enterprise Security Architecture.
- Network Security Architecture.
- Zero Trust Architecture.
- Cloud Security (AWS, Azure, GCP).
- Identity & Access Management (IAM).
- PKI, TLS, VPN and encryption technologies.
- Firewalls, IDS/IPS and SIEM platforms.
- API Security (OAuth2, OpenID Connect, JWT).
- DevSecOps and CI/CD security.
- Container Security (Docker, Kubernetes).
- Threat Modelling (STRIDE, ATT&CK).
- Vulnerability Management.
- Security Monitoring and Incident Response.
Experience Required
- 8–12+ years in Cyber Security or Security Architecture.
- Experience within Telecommunications or Critical National Infrastructure.
- Demonstrable experience performing Security Design Reviews.
- Experience with cloud transformation programmes.
- Strong stakeholder management and technical leadership skills.
- Experience working within regulated environments.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Certifications (Preferred)
- CISSP
- SABSA
- TOGAF
- CCSK or CCSP
- Azure Security Engineer
- AWS Security Specialty
- Certified Information Security Manager (CISM)
- NCSC Certified Professional (desirable)
Knowledge of Standards
- UK Telecommunications Security Act (TSA)
- NCSC Cyber Assessment Framework (CAF)
- ISO 27001
- NIST Cybersecurity Framework
- NIST 800-53
- CIS Controls
- IEC 62443 (advantageous)
- OWASP Top 10
- GDPR
Key Deliverables
- Security Architecture Review Reports
- Threat Models
- Security Risk Assessments
- Secure by Design Assessments
- Architecture Approval Documents
- Security Control Specifications
- Compliance Evidence for TSA audits
- Security Exception and Risk Register updates
Desirable Experience
- Telecom Core Networks (4G/5G)
- OSS/BSS platforms
- Network Virtualisation (NFV/SDN)
- API Gateways
- Kubernetes/OpenShift
- Infrastructure as Code (Terraform, Ansible)
Soft Skills
- Excellent communication and presentation skills.
- Ability to influence senior stakeholders.
- Strong analytical and problem-solving capability.
- Experience leading cross-functional technical workshops.
- Ability to balance security, business and operational requirements.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location