Cyber Security Assurance Specialist
- Role: Cyber Security Assurance Specialist
- Salary/Rate: £45-55 per hr inside IR35
- Location: Hybrid, near Oxford 3x per week
- Contract Duration: until December 2026
We are currently looking for a Cyber Security Assurance Specialist for our government client.
This Cyber Security Assurance Specialist role is hybrid, with 3 days per week on site in Abingdon, Oxfordshire and the remainder of the week working remotely. There is no further flexibility with the on-site requirement.
The contract for this Cyber Security Assurance Specialist position is until December 2026, with potential to extend, operating inside IR35.
Security Clearance: eligible for Security Check ("SC Clearance")
This role is inside IR35 - Due to the service of the role, it will now be based on an Umbrella solution.
Essential skills/experience required:
- Demonstrable experience in designing and implementing secure infrastructure or cloud architectures.
- Proven experience with risk assessment methodologies and maintaining enterprise risk registers.
- Working knowledge of risk assessment methodologies (e.g. ISO 31000, FAIR, OWASP risk rating).
- Strong understanding of GovAssure, CAF, ISO 27001, Cyber Essentials, and NIST frameworks.
- Experience conducting or supporting security audits and implementing remediation plans.
- Proficiency in assessing and securing platforms such as Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS/PaaS, Windows/Linux/Unix.
- Strong knowledge of security tooling such as SIEM, endpoint detection (EDR/XDR), and vulnerability management platforms.
- Hands-on experience with policy development, access control models and logging standards.
- Experience supporting assurance activities or government-mandated reviews (e.g. GovAssure, Secure by Design).
- Knowledge of Incident Management, Vulnerability Assessments, SIEM & SOC Systems.
- Familiarity with ITSM workflows and change control procedures.
- Experience designing or reviewing secure software supply chain and CI/CD security.
- Ability to interpret CVEs, CVSS scores, and threat intelligence feeds.
- Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists.
- Excellent written and verbal communication skills with the ability to present to senior stakeholders.
Role / Responsibilities:
- Conduct technical risk assessments on IT/OT/cloud systems
- Provide secure design guidance to digital projects (cloud/infra/app)
- Maintain and update the security risk register quarterly
- Evaluate 2 critical technical changes for architectural risk (e.g., network reconfig, app onboarding)
- Document evidence gathering and remediation planning for Secure-by-design, CAF and GovAssure
- Conduct internal technical assurance reviews aligned to GovAssure/CAF/ISO27001 domains
- Maintain traceability of security controls to frameworks (NIST, CE+, NCSC)
- Evaluate suppliers against internal and external risk criteria for assurance
- Contribute to the adoption of Zero Trust principles in platform design
- Provide secure-by-design input into infrastructure/cloud/app initiatives
- Define security control templates for new deployments (e.g., SaaS, Azure service, OT upgrade)
- Deliver knowledge sessions to technical teams (secure config, threats, compliance)
- Develop secure configuration guidance for platforms (e.g. Entra ID, Linux, M365)
- Represent Cyber Security in architecture/design authorities
- Produce and maintain technical security reports for assurance cycles
- Support compliance audit evidence packs (GovAssure/CAF, CE+, ISO 27001)
- Develop or update security standard documents (e.g. threat modelling, vulnerability mgmt)
- Support cyber input for IT, research or OT programmes
- Work with IT teams to co-author and test secure configuration standards and playbooks
- Support security policy application in hybrid cloud, infra, and app settings
- Support audit and compliance activities with reporting and evidence gathering
If you are interested in the above role, please click Apply Now and send a CV for quick review.
Should you require reasonable adjustments at any point during the recruitment process or if there is a better way for us to communicate, please do let us know.
Circle Recruitment is acting as an Employment Agency in relation to this vacancy.