IT Assurance Officer

TechNET IT Recruitment
Gloucester, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
£ 70K

Job location

Gloucester, United Kingdom

Tech stack

Amazon Web Services (AWS)
Azure
Control Objectives for Information and Related Technology (COBIT)
Identity and Access Management
Power BI
Information Security Management System
IT General Controls (ITGC)
ServiceNow

Job description

We're looking for an IT Assurance Officer to strengthen our governance, risk, and compliance capabilities across a complex, modern IT landscape. You'll help design, test, and continuously improve the controls that keep our business secure, resilient, and audit-ready, working closely with Technology, Security, and Internal Audit teams.

What you'll do

  • Plan and deliver IT assurance reviews across infrastructure, applications, and cloud (Azure/AWS).
  • Test and validate IT general controls (access, change, backup/restore, DR/BCP), tracking remediation through to closure.
  • Maintain and evolve the ISMS; support external and internal audits (e.g., ISO 27001).
  • Perform risk assessments (cyber, information, third-party) and recommend pragmatic controls aligned to frameworks (ISO 27001, NIST CSF, CIS).
  • Own policy/standard updates, control evidence, and high-quality documentation.
  • Partner with data protection and security teams on GDPR and security-by-design.
  • Produce clear, executive-ready reporting on control performance, KRIs/KPIs, and risk posture.
  • Champion awareness and continuous improvement across the organisation.

Requirements

  • 3-5+ years in IT assurance, audit, risk, or security governance (industry or Big 4/consulting).
  • Hands-on experience testing/designing IT controls and managing remediation.
  • Working knowledge of ISO 27001/2, NIST, COBIT, CIS Controls, and ITIL practices.
  • Familiarity with cloud platforms, identity & access management, and change management.
  • Strong documentation and stakeholder skills; comfortable influencing at pace.
  • Desirable certifications: CISA, ISO 27001 Lead Implementer/Auditor, CRISC, or similar.

Nice to have

  • Experience in regulated or multi-site organisations.
  • Exposure to GRC tooling (e.g., ServiceNow GRC, Archer) and audit management.
  • SOX controls understanding and/or analytics/reporting (e.g., Power BI).

Benefits & conditions

  • Competitive base + bonus, pension, and comprehensive benefits.
  • Hybrid working with modern tooling and supportive leadership.
  • Funded training & certifications and a clear path for progression.
