Cyber Security Assurance Manager
Overview
An exciting opportunity has arisen for an experienced Cyber Security Assurance Manager to take ownership of security certifications, audits, and assurance standards for a leading Security Operations Centre (SOC) environment.
This role will focus on delivering and maintaining key certifications such as ISO/IEC 27001, SOC 2 Type II, Cyber Essentials Plus, and CREST SOC accreditation, as well as supporting sector-specific frameworks including PCI DSS and NCSC CIR/CHECK.
The ideal candidate will have a strong background in cybersecurity assurance, experience engaging with external auditors and customers, and a proactive approach to maintaining compliance and continuous improvement within a global SOC function.
Key Responsibilities
Certification Delivery & Maintenance
* Lead the delivery and ongoing maintenance of SOC-related certifications including SOC 2 Type II, SOC 3, ISO/IEC 27001, Cyber Essentials Plus, and CREST.
* Manage sector-specific compliance such as PCI DSS and NCSC CIR/CHECK.
* Ensure timely renewals and proactively address compliance gaps.
Security Assurance for SOC Operations
* Integrate certification and assurance requirements into SOC governance, processes, and operations.
* Maintain evidence collection and audit readiness for both internal and external audits.
* Translate assurance and control requirements into actionable procedures for SOC teams.
Customer Assurance & Engagement
* Act as a key point of contact for customer assurance activities related to SOC services.
* Support RFIs, RFPs, and audit requests with accurate and professional certification documentation.
* Develop and maintain customer-facing assurance materials that demonstrate a strong security posture.
Regulatory & Framework Alignment
* Monitor changes in global cybersecurity regulations and standards (e.g. NIST CSF, NCSC, NIS2, GDPR).
* Ensure SOC assurance aligns with evolving regulatory and industry expectations.
* Advise senior leadership on how emerging regulations impact assurance strategy.
Continuous Improvement & Reporting
* Drive efficiency in assurance processes, reducing time to audit readiness and improving evidence management.
* Produce regular updates and reports for senior stakeholders on certification status and audit outcomes.
Collaboration & Knowledge Sharing
* Work closely with teams across SOC Operations, Information Security, Risk & Compliance, and Commercial functions.
* Deliver training and awareness sessions on SOC assurance standards and compliance best practices.
Experience & Qualifications
* Proven experience delivering and maintaining certifications such as ISO/IEC 27001, SOC 2 Type II, Cyber Essentials Plus, and CREST.
* Solid understanding of SOC operations and security assurance frameworks.
* Experience managing customer-facing assurance activities, including audits, RFIs, and RFPs.
* Knowledge of regulatory and industry frameworks including NIST CSF, GDPR, and UK NCSC guidance.
* Comfortable working with external auditors, certification bodies, and regulators.
Key Skills
* Strong documentation, compliance, and evidence management skills.
* Excellent communicator with the ability to explain complex assurance topics clearly and confidently.
* Analytical and detail-oriented, with the ability to identify and close compliance gaps.
* Strong stakeholder management and influencing skills across technical and commercial teams.
* Highly organised and capable of managing multiple projects and certifications simultaneously.
Personal Attributes
* High integrity and professionalism in all assurance activities.
* Customer-focused and confident in handling external assurance interactions.
* Proactive and solutions-oriented, with a continuous improvement mindset.
* Adaptable and resilient in a fast-paced, global environment.
* Collaborative and team-oriented, fostering trust across departments.
What’s on Offer
* Competitive salary package
* Flexible and remote working options
* Company pension and life assurance
* Private healthcare and dental cover
* 25 days annual leave plus bank holidays, with the option to buy additional days
* Access to professional training and development platforms
* Cycle-to-work and wellbeing schemes
* Inclusive and supportive working culture