Future Tech Jobs Future Tech Jobs

Security Assurance Manager

Experis
City of London, United Kingdom
Last month
Applications closed

Related Jobs

View all jobs

Third Party Risk Manager

Pontoon Edinburgh, Alba / Scotland, United Kingdom
Remote

Operational Technology Risk Manager

MBDA Middle Hulton, Manchester, BL5 1FJ, United Kingdom
£60,000 pa Hybrid Clearance Required

Operational Technology Risk Manager

MBDA Manchester, United Kingdom
£60,000 pa

Application Security Architect

CBSbutler Holdings Limited trading as CBSbutler Bracknell, Berkshire, United Kingdom
£65,000 – £70,000 pa

Consultant, Readiness Services , GBR)

CrowdStrike United Kingdom
Remote

Cyber Security Assurance Specialist

GTC Recruitment Culham, Oxfordshire, OX14 4LY, United Kingdom
£50 – £55 ph Hybrid Clearance Required
Posted
13 Apr 2026 (Last month)
Share
Save job
Create job alert

Security Assurance Manager

London - Hybrid

12-18 months

£600 - £750 per day inside IR35 - umbrella only

Active SC clearance required

Responsibilities

Oversee and guide a team of consultants from the UK business who are fulfilling our cloud security assurance process for non-core cloud systems

Maintain and implement our overall Secure Networks Security Assurance framework, including creation of protocols and processes as required.

Maintain our secure network approvals including risk assessments, security arguments, and compliance statements against the DCPP Cyber Security Model (plus against other standards and control sets as required)

Carry out and maintain security assessments for core Secure Networks cloud systems such as Microsoft 365

Oversee Secure Networks elements of broader company certification to the Defence Cyber Certification

Carry out compliance audits to ensure that the Secure Networks Team, local security contacts, and project teams are carrying out required assurance activities, both in our secure networks and for cloud systems

Stay up to date with MOD and other regulatory guidance, and relevant commercial standards such as Microsoft 365 guidance, and incorporate the results into our Secure Networks security assurance approaches

Provide security assurance guidance to the Secure Networks Team to review and influence the design and operation of our secure networks

Periodically update the risk assessments for our secure networks, communicate implications to relevant stakeholders, and track progress against action items

Stay up to date with the threat landscape affecting our secure networks, using a range of sources such as the corporate Threat Intelligence team

Track progress made by a range of parties against security action plans

Collaborate with, learn from and advise relevant internal stakeholders such as Global Security, Security Points of Contact, the Secure Networks Team, the UK business security managers, Security Controllers, corporate and UK project procurement, HR Vetting, project teams, and individual staff members seeking guidance e.g. for overseas working

Liaise with relevant external stakeholders such as MOD CyDR

Annually revise and reissue Security Operating Procedures for our secure networks and core Secure Networks cloud systems

Support external security-related audits such as ISO27001 and by clients including MOD

Oversee authorisations of third parties who will handle information from our secure networks or connect in to them, including both initial approval and ongoing maintenance

Assess devices that require connection to our secure networks, for example point cloud scanners

Maintain a co-ordinated programme for all security assurance activities to ensure they are delivered in a timely manner

Arrange, report to, and provide advice and recommendations to Secure Networks Governance Committee meetings

Report into the Office of the Chief Information Security Officer to provide confidence to them that our UK Secure Networks have adequate security assurance

Carry out security assurance for key elements of the Secure Networks supply chain (hardware, software, services)

Create and maintain infrastructure required to move the Security Assurance function from being an individual contact to a comprehensive standalone function, for example a group mailbox, a Team, communications methods, and site(s) for publication of Security Assurance policies, trackers, etc.Required Skills & Qualifications

A 'completer finisher', with an eye for detail.

Demonstrable experience of working in cyber security in a UK MOD-related environment

Strong familiarity with UK MOD security standards such as Def Stan 05-138 versions 3 and 4, the Cyber Security Model, Secure By Design, Industry Security Notices

Strong familiarity with UK Government security standards such as 007/SPF, NCSC Cloud Security Principles, NCSC Principles for Using Software as a Service (SaaS) securely, Cyber Essentials, and the CHECK penetration testing scheme

Broad familiarity with UK Government physical and personnel security such as NPSA and UKSV

Risk assessment using recognised standards such as IS1 and NIST SP800-30

Able to express yourself effectively, with a high degree of clarity, in English, especially when justifying and explaining required security measures

Able to liaise effectively with a wide range of stakeholders, from senior leaders to technical IT staff

Able to prioritise and manage your time to achieve multiple different tasks

(Desirable) Familiarity with broader international security standards such as ISO27001, CMMC, and the NIST Cyber Security Framework (especially SP800-30 and SP800-53)

(Desirable) Familiarity with UK nuclear regulations such as the ONR SyAPs

(Desirable) Familiarity with the AtkinsRéalis corporate security standards and approaches

Competent with Microsoft Word, Excel and PowerPoint

Join a dynamic team supporting vital national security projects. Apply now to be part of a forward-thinking organisation committed to safeguarding critical infrastructure

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Products

Where to Advertise Cyber Security Jobs in the UK (2026 Guide)

Where to advertise cyber security jobs UK in 2026: the specialist boards, communities and channels that reach offensive, defensive and GRC security talent. The candidate pool is small, heavily vetted and in high demand across government, financial services, critical national infrastructure and the private sector simultaneously. Many of the strongest candidates hold active security clearances, are not actively job-searching through general platforms, and move primarily through specialist networks and trusted referrals. General job boards reach a broad audience but lack the specificity that security professionals expect. Specialist platforms, government-affiliated channels and cleared candidate networks each serve a different part of the market. This guide, published by CybersecurityJobs.tech, covers where to advertise cyber security roles in the UK in 2026, how the main platforms compare, what employers should expect to pay, and what the data says about hiring across different role types.

Jobs

Cyber Security Jobs UK 2026: What to Expect Over the Next 3 Years

Cyber Security Jobs UK 2026: roles, salaries and the threat intelligence, cloud security and zero-trust hiring trends shaping UK cyber careers. Cyber security is one of the few sectors where demand for talent has never once dipped. Every major technological shift of the past decade — cloud migration, remote working, AI adoption, the proliferation of connected devices — has expanded the attack surface that security professionals are expected to defend. And every expansion of that attack surface has generated more jobs. But the cyber security jobs market of 2026 is not simply a larger version of what it was three years ago. It is a structurally different market. The threats have evolved, the technologies used to combat them have changed, the regulatory environment has tightened considerably, and the roles being created reflect all of that. A job seeker who understands only the cyber security landscape of 2023 is already working with an outdated map. The candidates who will thrive over the next three years are those who understand where the sector is heading — which specialisms are attracting the most investment, which technologies are reshaping defensive and offensive security practice, and how the definition of a cyber security professional is broadening well beyond the traditional image of a network defender in a SOC. This article breaks down what the UK cyber security jobs market is likely to look like through to 2028 — covering the titles emerging right now, the technologies driving employer demand, the skills that will matter most, and how to position your career ahead of the curve.

Jobs

Penetration Tester Jobs in the UK: What Employers Actually Want in 2026

Penetration Tester Jobs UK 2026: the skills, certifications (OSCP, CREST, CEH) and experience UK employers actually want from ethical hackers this year. The demand for skilled professionals in cyber security has never been higher, and penetration testers sit at the very heart of this rapidly evolving industry. As organisations across the UK continue to digitise their operations, protect sensitive data, and defend against increasingly sophisticated threats, the need for ethical hackers has grown dramatically. If you are considering a career in this field—or looking to advance within it—it is essential to understand what employers are really looking for in 2026. This guide breaks down the current expectations, required skills, certifications, and practical experience that can help you stand out in a competitive job market.

🍪 Basic, anonymous analytics (aggregate counts only, never shared) are always on. Accept to also enable third-party tools — Google Analytics, Microsoft Clarity, Mixpanel, Leadfeeder — which help us match you with relevant Cyber Security roles. We never sell your data or use it for cross-site advertising. See our Cookie Policy.