Security Assurance Engineer (SC/DV)
Security Engineer – Assurance/Report Writing
We’re looking for a Security Assurance Engineer with the ability to see the whole security picture—technology, people, and process. You’ll join a team of experienced cyber specialists, but your role is to step back from the individual technical outputs and assess what they mean for the overall security posture of the service.
- Review and analyse security artefacts, test results, assessments, and technical outputs from the cyber teams.
- Translate that information into clear, evidence-based Security Assurance Reports.
- Develop, maintain, and communicate security arguments that demonstrate how risks are mitigated and how the service meets required security outcomes.
- Look beyond technical controls and assess people, process, and governance aspects that contribute to end-to-end security.
- Provide a holistic view of how all elements—technical and non-technical—impact the security of implemented services.
- Engage with stakeholders across engineering, delivery, and governance to ensure security assurance is understood and integrated.
Required Skill and Experience:
- SC Clearance is essential and must have been active within the last 12 months.
- Experience producing structured security assurance documentation, security cases, or security arguments (e.g., using GSN, safety/security case approaches, or similar).
- The ability to interpret diverse security inputs—pen test results, architectural designs, risk assessments, compliance outputs—and turn them into coherent assurance narratives.
- A strong understanding of how organisational processes, behaviours, and controls influence security.
- Excellent written communication skills, with the ability to present complex security information clearly and persuasively.
- Experience in large or complex projects where security needed to be managed holistically (not just at a technical-control level).
- Knowledge of relevant security standards or frameworks (e.g., NCSC, ISO 27001, NIST, etc.) is a plus.