Cyber Security Assurance Manager

Cyber Security Assurance Manager

• Location: Portsmouth, UK
• Hybrid: - 3 days onsite per week
• Salary: Up to £65,000
• Employment Type: Permanent

Job Summary: Our client, a leading IT services and consulting firm, is seeking a Cyber Security Assurance Manager to ensure their SOC meets and maintains top security certifications and assurance standards. As part of the GRC function, you'll lead customer assurance activities, manage external audits, and oversee key certifications such as ISO 27001, SOC2 Type II, Cyber Essentials Plus, and Crest SOC accreditation.

Key Responsibilities:

• Act as primary contact for customer assurance activities, supporting RFIs, RFPs, and client audit requests
• Deliver training and awareness sessions on SOC assurance standards to internal teams
• Develop customer-facing assurance documentation demonstrating the organisation's security posture
• Lead the delivery and ongoing maintenance of SOC-related certifications (SOC 2 Type II, SOC 3, ISO/IEC 27001, Cyber Essentials Plus, Crest)
• Embed certification requirements into SOC governance, processes, and operational practices
• Ensure continuous monitoring, evidence collection, and audit readiness for internal and external assessments
• Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR)
• Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR/CHECK, where applicable
• Provide expert advice to leadership on regulatory changes impacting SOC assurance strategy
• Drive continuous improvement in assurance processes and evidence collection efficiency
• Produce regular reports and dashboards on certification status, audit outcomes, and assurance performance
• Collaborate with SOC operations, Information Security, Risk & Compliance, and Commercial teams

Essential Qualifications & Requirements:

• Proven experience delivering and maintaining cybersecurity certifications (ISO/IEC 27001, SOC 2 Type II, Cyber Essentials Plus, Crest)
• Strong understanding of SOC operations and security assurance frameworks
• Experience in customer-facing assurance activities, including audits, RFIs, and RFPs
• In-depth knowledge of NIST CSF, GDPR, and UK NCSC guidance
• Experience liaising with external auditors, regulators, and certification bodies
• Strong ability to develop and maintain compliance documentation and audit evidence
• Proven organisational skills managing multiple certifications and assurance projects simultaneously