Cyber Security Assurance Manager
About the Role
Our client is looking for a Cyber Security Assurance Manager to take ownership of security certifications and assurance activities within a global Security Operations environment.
This is a key role within the Governance, Risk & Compliance (GRC) function, responsible for maintaining internationally recognised security standards and ensuring continuous audit readiness. You'll act as a trusted expert, supporting customer assurance, audits, and regulatory alignment while helping to strengthen overall security posture.
Key Responsibilities
Certification & Compliance
Lead the delivery and maintenance of key certifications including ISO/IEC 27001, SOC 2 Type II, SOC 3, Cyber Essentials Plus, and CREST
Oversee additional frameworks such as PCI DSS and NCSC standards (CIR/CHECK)
Ensure certifications are maintained, renewed, and continuously improved
Security Assurance
Embed security and certification requirements into operational processes
Maintain audit readiness through ongoing monitoring and evidence collection
Translate compliance requirements into practical procedures for operational teams
Customer Assurance
Act as the main point of contact for security assurance queries
Support RFPs, RFIs, and audit requests with clear and accurate documentation
Develop assurance packs demonstrating strong security practices
Regulatory & Industry Alignment
Stay up to date with frameworks such as NIST CSF, GDPR, NIS2, and UK NCSC guidance
Advise stakeholders on regulatory changes and their impact
Ensure alignment with evolving cybersecurity standards
Continuous Improvement
Improve assurance processes and audit efficiency
Provide reporting on certification status, audit outcomes, and performance metrics
Collaboration
Work closely with technical, security, and commercial teams
Deliver training and promote best practices across the organisation
What We're Looking For
Experience
Proven experience managing cybersecurity certifications (ISO 27001, SOC 2, Cyber Essentials Plus, CREST)
Strong understanding of Security Operations (SOC) environments
Experience supporting audits, RFPs, and customer assurance activities
Knowledge of industry frameworks and regulations (NIST, GDPR, NCSC, etc.)
Experience working with auditors, regulators, and certification bodies
Skills
Strong documentation and audit evidence management
Excellent communication skills with both technical and non-technical stakeholders
Analytical mindset with attention to detail
Ability to manage multiple priorities and projects
Strong stakeholder engagement and influencing skills
Personal Attributes
Proactive and solutions-focused
Collaborative and team-oriented
High level of integrity and professionalism
Adaptable in a fast-paced environment