* Title: Cyber Security Assurance Specialist
* Location: Oxfordshire, UK (2–3 days/week on site)
* Type & Duration: Contract | 6+ months (Inside IR35)
Job Description:
Role Overview:
A cross-functional role combining advisory and hands-on responsibilities. Focus areas include security assurance, risk management, architecture review, vulnerability management, cyber defence, and embedding risk-aligned security controls across IT and OT systems.
You will work across hybrid environments (cloud, infrastructure, applications, OT), support audits and compliance (GovAssure, CAF, ISO 27001, Cyber Essentials), and drive secure-by-design practices.
Essential Skills:
* Designing & implementing secure cloud/infrastructure architectures
* Risk assessment & maintaining risk registers (ISO 31000, FAIR, OWASP)
* Knowledge of GovAssure, CAF, ISO 27001, Cyber Essentials, NIST
* Conducting/supporting security audits & remediation
* Platform security (Entra ID, M365 E5, Azure IaaS/PaaS, Windows/Linux/Unix)
* Security tools: SIEM, EDR/XDR, vulnerability management
* Policy development, access control (RBAC/ABAC), logging standards
* Supporting assurance/government reviews (Secure by Design, GovAssure)
* Incident management, vulnerability assessment, SIEM/SOC systems
* ITSM workflows & change control
* Secure software supply chain & CI/CD security
* Threat intelligence, CVEs, CVSS interpretation
* Strong stakeholder communication & reporting skills
Desirable:
* Degree in Cybersecurity, IT, or STEM
* Security Assurance certifications (CCP, SIRA)
* Professional security certifications (CISSP, SSCP, CISM, CRISC, CCSP, SABSA, GIAC)
* Experience in regulated/government environments, research, energy, national infrastructure
* OT/ICS/SCADA security knowledge