IT Security Assessor

IT Security Assessor - Secure by Design

Inside IR35

Our client, a leading global bank, is seeking an IT Security Assessor to join their Digital Engineering Services & Solutions division. You’ll play a pivotal role in ensuring projects across Infrastructure and Service Operations are secure-by-design, compliant with IT security policies, and resilient against emerging threats.

This is an excellent opportunity for an experienced IT Auditor, Security Auditor, or GRC Analyst to work on high-profile, business-critical technology initiatives within a complex, regulated environment.

• Delivering on the secure-by-design review process, ensuring all technology projects undergo security assessment prior to implementation.

• Engaging with business and technical stakeholders to validate security controls (both technical and non-technical).

• Reviewing and analysing reports, evidence, and control documentation to confirm effectiveness.

• Developing and executing test strategies to validate security control performance.

• Identifying gaps in operating effectiveness and recommending remediation actions.

• Documenting risks, findings, and recommendations in clear, actionable reports.

• Managing workload across multiple concurrent projects, meeting deadlines in a fast-paced portfolio environment.

• Strong understanding of cybersecurity and IT control frameworks (SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, PCI-DSS).

• Proven experience as an IT auditor, security auditor, or GRC analyst in a complex environment.

• Hands-on knowledge of IT security systems (OS, databases, firewalls, SIEM, DLP, etc.).

• Strong stakeholder engagement skills, with the ability to challenge and influence effectively.

• Demonstrated ability to prioritise and deliver across multiple projects.

• Excellent reporting, documentation, and presentation skills.

• Experience in project management.

• Previous assurance experience for cybersecurity policies, standards, and procedures.

• Understanding of global IT risk management frameworks.

• Exposure to senior stakeholder management and management-level reporting.

Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted. 

Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation

We take our obligations to protect your personal data very seriously.  Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website http://proactive.it/privacy-notice/