United Kingdom - Gloucester
Posted: 16/09/2025
Salary: £65K to £520.00 per Year
ID: 36583_BH
IT Assurance Officer (Permanent)
Location: Hybrid - Gloucestershire (2 days per week)
Salary: £65,000-£70,000 (dependent on experience) + bonus & benefits
Start: ASAP
The opportunity
We're looking for an IT Assurance Officer to strengthen our governance, risk, and compliance capabilities across a complex, modern IT landscape. You'll help design, test, and continuously improve the controls that keep our business secure, resilient, and audit-ready, working closely with Technology, Security, and Internal Audit teams.
What you'll do
1. Plan and deliver IT assurance reviews across infrastructure, applications, and cloud (Azure/AWS).
2. Test and validate IT general controls (access, change, backup/restore, DR/BCP), tracking remediation through to closure.
3. Maintain and evolve the ISMS; support external and internal audits (e.g., ISO 27001).
4. Perform risk assessments (cyber, information, third-party) and recommend pragmatic controls aligned to frameworks (ISO 27001, NIST CSF, CIS).
5. Own policy/standard updates, control evidence, and high-quality documentation.
6. Partner with data protection and security teams on GDPR and security-by-design.
7. Produce clear, executive-ready reporting on control performance, KRIs/KPIs, and risk posture.
8. Champion awareness and continuous improvement across the organisation.
What you'll bring
9. 3-5+ years in IT assurance, audit, risk, or security governance (industry or Big 4/consulting).
10. Hands-on experience testing/designing IT controls and managing remediation.
11. Working knowledge of ISO 27001/2, NIST, COBIT, CIS Controls, and ITIL practices.
12. Familiarity with cloud platforms, identity & access management, and change management.
13. Strong documentation and stakeholder skills; comfortable influencing at pace.
14. Desirable certifications: CISA, ISO 27001 Lead Implementer/Auditor, CRISC, or similar.
Nice to have
15. Experience in regulated or multi-site organisations.
16. Exposure to GRC tooling (e.g., ServiceNow GRC, Archer) and audit management.
17. SOX controls understanding and/or analytics/reporting (e.g., Power BI).
What's on offer
18. Competitive base + bonus, pension, and comprehensive benefits.
19. Hybrid working with modern tooling and supportive leadership.
20. Funded training & certifications and a clear path for progression.
IT Assurance Officer/ GRC Lead