Information Security Assurance Specialist

1 week ago


London Area, United Kingdom Slaughter and May Full time

ROLE OVERVIEW //

Reporting to the Information Security Manager, the Information Security Assurance Specialist will play a pivotal role in strengthening the firm's information security posture. It will identify where security assurance testing of the firm's systems and processes is required, commission the required tests from relevant suppliers, and manage their findings through to resolution. It will also provide security assurance in relation to the IT project and change management lifecycles by identifying security requirements, reviewing project design documentation, and working with technical stakeholders to mitigate information security risks associated with technical change requests. The successful candidate will be a proactive and motivated individual with the ability to quickly grasp technical concepts and effectively communicate information security risks to a range of stakeholders. A strong background in information security within professional or financial services is essential.

KEY RESPONSIBILITIES //

The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work outside our normal working hours of 9:30am to 5:30pm.

  • Plan, scope, commission and oversee a wide range of technical assurance testing, including:
      • Penetration tests of IT project deliverables as they approach release to production.
      • The baseline annual penetration test of the firm's core systems and IT infrastructure.
      • Other offensive security testing, such as physical penetration tests and social engineering exercises (e.g. vishing), to provide assurance in relation to non-technical security controls.
  • Validate the findings arising from such tests with relevant subject matter experts, prioritise them based on risk, and manage them through to resolution (e.g. mitigation or risk acceptance).
  • Work with the Technology department's IT Architecture function to review design documentation for new (or significantly changed) IT solutions, embedding security requirements from the outset.
  • Identify and assess the information security risks associated with technical change requests and represent information security perspectives at Technical Change Advisory Board (T-CAB).
  • Help drive continuous improvement and consistency in relation to security assurance, e.g. by:
      • Helping to define what security testing the firm requires and when.
      • Pre-empting and pre-defining typical information security requirements for projects.
  • Assist in managing the firm's information security management system (ISMS), including maintaining policies, producing management reports, and supporting compliance activities.

CANDIDATE PROFILE //

Candidates for this position must have:

  • Strong experience in an information security or technical cyber security role, ideally within a regulated environment or an organisation aligned to ISO 27001.
  • Strong knowledge of ISO 27001 and Cyber Essentials Plus standards.
  • A self-motivated, results-driven mindset with a strong sense of ownership and accountability.
  • Excellent organisational skills, with the ability to prioritise effectively in a fast-paced environment.
  • Intellectual curiosity and a commitment to continuous improvement, including researching new ideas and validating them through testing.
  • Proven ability to collaborate effectively, build strong professional relationships, and communicate confidently with senior leadership.

