IT Assurance Officer (Permanent)
The full job description covers all associated skills, previous experience, and any qualifications that applicants are expected to have.
Location: Hybrid - South West Office Location
Salary: £65,000–£70,000 (dependant on experience) + benefits
Start: ASAP
We’re looking for an IT Assurance Officer to strengthen our governance, risk, and compliance capabilities across a complex, modern IT landscape. You’ll help design, test, and continuously improve the controls that keep our business secure, resilient, and audit-ready—working closely with Technology, Security, and Internal Audit teams.
What you’ll do:
* Plan and deliver IT assurance reviews across infrastructure, applications, and cloud (Azure/AWS).
* Test and validate IT general controls (access, change, backup/restore, DR/BCP), tracking remediation through to closure.
* Maintain and evolve the ISMS; support external and internal audits (e.g., ISO 27001).
* Perform risk assessments (cyber, information, third-party) and recommend pragmatic controls aligned to frameworks (ISO 27001, NIST CSF, CIS).
* Own policy/standard updates, control evidence, and high-quality documentation.
* Partner with data protection and security teams on GDPR and security-by-design.
* Produce clear, executive-ready reporting on control performance, KRIs/KPIs, and risk posture.
* Champion awareness and continuous improvement across the organisation.
What you’ll bring:
* 3–5+ years in IT assurance, audit, risk, or security governance (industry or Big 4/consulting).
* Hands-on experience testing/designing IT controls and managing remediation.
* Working knowledge of ISO 27001/2, NIST, COBIT, CIS Controls, and ITIL practices.
* Familiarity with cloud platforms, identity & access management, and change management.
* Strong documentation and stakeholder skills; comfortable influencing at pace.
* Desirable certifications: CISA, ISO 27001 Lead Implementer/Auditor, CRISC, or similar.
Nice to have:
* Experience in regulated or multi-site organisations.
* Exposure to GRC tooling (e.g., ServiceNow GRC, Archer) and audit management.
* SOX controls understanding and/or analytics/reporting (e.g., Power BI).
What’s on offer:
* Competitive base + bonus, pension, and comprehensive benefits.
* Hybrid working with modern tooling and supportive leadership.
* Funded training & certifications and a clear path for progression.