Position: CISO / Cyber Security Assurance Lead (EUC / MDM Focus), Colchester
Client: Refreshing Recruitment Ltd
Location: Colchester, United Kingdom
Job Category: Other
EU work permit required: Yes
Posted: 07.06.2025
Expiry Date: 22.07.2025
Job Description:
This role requires security clearance and is based in Central London with hybrid working arrangements. It is a 6+ month contract.
We are seeking a Cyber Security Assurance Lead, often referred to as a “mini CISO,” to join a specialist End User Compute (EUC) IT services provider. The focus will be on modernising secure digital workplaces using Zero Trust and next-generation security principles for high-profile Central Government departments, hence the need for current SC clearance.
As the Cyber Security Assurance Lead, you will oversee end-to-end EUC security assurance for a transformational Machinery of Government, macOS Developer Device Solution.
Key responsibilities include:
* Leading security assurance and governance throughout the solution lifecycle, from architecture design through build, deployment, and operational support.
* Developing and maintaining risk management documentation such as RMADS, SyOps, DPIAs, threat models, and continuous threat assessments.
* Ensuring alignment with assurance frameworks including Government Security Classifications (GSC), NCSC guidance, Cabinet Office requirements, GDPR, and ISO 27001.
* Conducting threat and vulnerability assessments for macOS devices, MDM platforms, developer tooling, remote access, and cloud-native infrastructure.
* Promoting secure-by-design practices in collaboration with security architects, engineering, DevOps, and testing teams.
* Interfacing with stakeholders to secure necessary approvals and accreditation.
* Maintaining assurance registers and contributing to programme-wide risk management and reporting.
We are looking for candidates with a strong understanding of endpoint and device assurance, particularly with macOS and MDM integrations (e.g., Jamf, Intune, Workspace ONE), and who possess:
* Professional certifications such as CISSP, CISM, CCSP, or ISO 27001 Lead Auditor
* Experience leading security assurance in central government or similar high-assurance environments
* Deep understanding of security assurance frameworks, including NCSC Cloud Security principles, GDS Service Standards, and government accreditation processes
* Hands-on experience producing RMADS, SyOps, DPIAs, and similar artefacts
* Experience with security tooling for risk assessments, threat modelling, and vulnerability scanning
* Security Clearance
Additional preferred skills include experience in DevSecOps or agile environments, knowledge of Zero Trust architecture, IAM, and cloud-native security practices.