Role Overview: IT Security Assurance Lead – Secure-by-Design
This role is responsible for leading secure-by-design activities across the Digital Engineering Services and Solutions department, specifically within Infrastructure and Service Operations. The successful candidate will ensure that all technology projects and portfolios comply with internal IT security policies and requirements.
Key Responsibilities
1. Oversee the secure-by-design process to ensure all relevant technology projects undergo comprehensive security assessments prior to implementation.
2. Conduct interviews with business and technology stakeholders to evaluate control effectiveness (both technical and non-technical).
3. Review documentation and evidence to validate the operating effectiveness of security controls.
4. Develop and execute testing strategies for assessing control effectiveness.
5. Identify and document gaps, risks, and findings, and recommend remediation actions.
6. Manage timelines to ensure assessments are completed efficiently and effectively.
7. Provide assurance across both banking and securities domains under a dual-responsibility arrangement.
Required Experience
8. Proven ability to manage multiple complex tasks with broad scope and ambiguity.
9. Experience in cybersecurity assurance, including technologies, policies, standards, and procedures.
10. Strong knowledge across IT security domains such as: Security Governance, Identity and Access Management, Threat Intelligence, Risk Management, Vulnerability and Patch Management, Security Incident Management.
11. Technical understanding of infrastructure components including networks, databases, platforms, cloud, storage, and desktop environments.
12. Experience in senior stakeholder engagement and reporting.
13. Ability to mentor and coach team members effectively.
Skills and Competencies
Essential:
14. Familiarity with cybersecurity and IT control frameworks (e.g. SOX, FFIEC, ISO27001, NIST, PCI-DSS, Cloud Security Alliance).
15. Strong stakeholder management and communication skills.
16. Background in IT auditing, security auditing, or GRC (Governance, Risk, and Compliance).
17. Ability to plan and prioritize multiple workstreams in dynamic environments.
18. Broad technical knowledge of IT systems including operating systems, firewalls, SIEM, DLP, etc.
19. Strong documentation, presentation, and reporting capabilities.
Preferred:
20. Project management experience.
21. Continued awareness of cybersecurity principles and developments.
22. Experience in global IT risk management structures.
Education and Certifications
Essential:
23. Degree-level education or equivalent professional experience.
Preferred:
24. Industry-recognised certifications such as CISA, CRISC, CISM, CISSP.
Job Title: IT Auditor
Location: London, UK
Rate/Salary: - GBP Daily
Job Type: Contract
Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No. 2876353. Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands.