Job Title:
CISO / Cyber Security Assurance Lead (EUC / MDM Focus), Northampton
Client:
Refreshing Recruitment Ltd
Location:
Northampton, United Kingdom
Job Category:
Other
EU Work Permit Required:
Yes
Posted:
07.06.2025
Expiry Date:
22.07.2025
Job Description:
We are seeking a Cyber Security Assurance Lead, often referred to as a “mini CISO,” to join a specialist End User Compute (EUC) IT services provider. The role involves leading the modernization of secure digital workplaces using Zero Trust and next-generation security principles for high-profile Central Government departments, requiring current SC clearance.
The successful candidate will oversee end-to-end EUC security assurance for a transformative Machinery of Government project, focusing on macOS Developer Device Solutions.
Key Responsibilities:
* Leading security assurance and governance throughout the solution lifecycle, including architecture design, build, deployment, and operational support.
* Developing and maintaining risk management documentation such as RMADS, SyOps, DPIAs, threat models, and continuous threat assessments.
* Ensuring compliance with assurance frameworks like GSC, NCSC guidance, Cabinet Office requirements, GDPR, and ISO 27001.
* Conducting threat and vulnerability assessments for macOS devices, MDM platforms, developer tooling, remote access, and cloud infrastructure.
* Promoting secure-by-design practices in collaboration with security architects, DevOps teams, and testing teams.
* Engaging with stakeholders to secure necessary approvals and accreditation.
* Maintaining assurance registers and contributing to risk management and reporting processes across the program.
Candidate Profile:
Applicants should have a strong understanding of endpoint and device assurance, particularly with macOS and MDM solutions such as Jamf, Intune, or Workspace ONE. Preferred qualifications include:
* Professional certifications like CISSP, CISM, CCSP, or ISO 27001 Lead Auditor.
* Experience leading security assurance in central government or similar high-security environments.
* Deep knowledge of security assurance frameworks, including NCSC Cloud Security principles, GDS Service Standards, and government accreditation processes.
* Hands-on experience producing RMADS, SyOps, DPIAs, and similar artifacts.
* Proficiency with security tools for risk assessments, threat modeling, and vulnerability scanning.
* Security Clearance (SC).
Additional desirable skills include experience with DevSecOps, agile environments, Zero Trust architecture, IAM, and cloud-native security practices.