Senior / Security Risk Assurance Manager – SC cleared

Senior / Security Risk Assurance Manager – SC cleared

Location: Hybrid (60% on-site presence required)

Contract Type: Permanent & Full-time

Salary: Competitive + Benefits

About the Role

The Senior Security Risk Assurance Manager plays a pivotal role in strengthening the organisation’s security posture by leading risk-based assurance activities with a primary focus on supplier assurance and third‐party risk management. The role provides expert oversight of external supplier security controls, evaluates third‐party risk exposure, and delivers assurance that supply chain partners meet the organisation’s security expectations. By generating clear, evidence‐based insights, this position supports informed decision‐making across the enterprise and helps maintain a resilient and trustworthy supply chain.

Key Responsibilities

• Lead and manage a team of security professionals to deliver high-quality assurance activities.
• Develop and maintain an annual security assurance plan aligned with strategic business risks.
• Engage with stakeholders to scope, plan, and execute assurance activities across people, processes, and technology.
• Validate and interpret evidence to provide a holistic view of the organisation’s security posture.
• Present findings and recommendations to senior leadership and governance forums.
• Collaborate with internal teams (e.g., threat intelligence, compliance, audit) to ensure assurance activities reflect current threat landscapes.
• Act as a primary interface for business units, ensuring alignment between assurance activities and operational priorities.
• Promote continuous improvement and innovation in assurance practices.
• Ensure assurance reports are accurate, actionable, and meet quality standards.
• Share good practices and lessons learned across the organisation.

Experience Required

• Proven leadership experience in security risk assurance or related fields – specifically across supplier assurance and third-party risk.
• Strong understanding of enterprise security risk management principles.
• Experience in conducting security assessments and producing assurance reports.
• Ability to engage and influence stakeholders at all levels.
• Familiarity with security frameworks and standards (e.g., ISO 27001, NIST, CIS Controls).
• Excellent communication, planning, and organisational skills.
• Experience managing teams and developing talent.
• Ability to interpret complex technical and business information to assess risk.
• Experience in supply chain security assurance.
• Knowledge of secure by design principles and accreditation processes.
• Understanding of threat intelligence and its application in assurance.