Cyber Security Assurance Manager

About the Role

Our client is looking for a Cyber Security Assurance Manager to take ownership of security certifications and assurance activities within a global Security Operations environment.

This is a key role within the Governance, Risk & Compliance (GRC) function, responsible for maintaining internationally recognised security standards and ensuring continuous audit readiness. You'll act as a trusted expert, supporting customer assurance, audits, and regulatory alignment while helping to strengthen overall security posture.

Key Responsibilities

Certification & Compliance

• Lead the delivery and maintenance of key certifications including ISO/IEC 27001, SOC 2 Type II, SOC 3, Cyber Essentials Plus, and CREST
• Oversee additional frameworks such as PCI DSS and NCSC standards (CIR/CHECK)
• Ensure certifications are maintained, renewed, and continuously improved

Security Assurance

• Embed security and certification requirements into operational processes
• Maintain audit readiness through ongoing monitoring and evidence collection
• Translate compliance requirements into practical procedures for operational team

Customer Assurance

• Act as the main point of contact for security assurance queries
• Support RFPs, RFIs, and audit requests with clear and accurate documentation
• Develop assurance packs demonstrating strong security practices

Regulatory & Industry Alignment

• Stay up to date with frameworks such as NIST CSF, GDPR, NIS2, and UK NCSC guidance
• Advise stakeholders on regulatory changes and their impact
• Ensure alignment with evolving cybersecurity standards

Continuous Improvement

• Improve assurance processes and audit efficiency
• Provide reporting on certification status, audit outcomes, and performance metrics

Collaboration

• Work closely with technical, security, and commercial teams
• Deliver training and promote best practices across the organisation

What We're Looking For

Experience

• Proven experience managing cybersecurity certifications (ISO 27001, SOC 2, Cyber Essentials Plus, CREST)
• Strong understanding of Security Operations (SOC) environments
• Experience supporting audits, RFPs, and customer assurance activities
• Knowledge of industry frameworks and regulations (NIST, GDPR, NCSC, etc.)
• Experience working with auditors, regulators, and certification bodies

Skills

• Strong documentation and audit evidence management
• Excellent communication skills with both technical and non-technical stakeholders
• Analytical mindset with attention to detail
• Ability to manage multiple priorities and projects
• Strong stakeholder engagement and influencing skills

Personal Attributes

• Proactive and solutions-focused
• Collaborative and team-oriented
• High level of integrity and professionalism
• Adaptable in a fast-paced environment

JBRP1_UKTJ