CYBER SECURITY ASSURANCE SPECIALIST

CYBER SECURITY ASSURANCE SPECIALIST CCL Global are currently recruiting for a Cyber Security Assurance Specialist to support high-profile, security-critical environments. This role will play a key part in strengthening security posture, ensuring compliance, and supporting assurance activities across complex digital and infrastructure systems. Type of Contract: Contract (Inside IR35) Location: Oxfordshire OX14 3DB (Hybrid working available) Key Duties Will Include: * Design and implement secure infrastructure and cloud architectures across enterprise environments. * Conduct and support risk assessments, maintaining enterprise risk registers and ensuring alignment with industry methodologies. * Lead or contribute to security assurance activities, including audits, reviews, and remediation planning. * Apply and interpret security frameworks such as ISO 27001, NIST, CAF, Cyber Essentials, and GovAssure. * Assess and secure platforms including Entra ID (Azure AD), Microsoft 365 E5, Azure

IaaS/PaaS, and Windows/Linux/Unix systems. * Utilise security tooling such as SIEM, EDR/XDR, and vulnerability management platforms to monitor and improve security posture. * Develop and implement security policies, access control models (RBAC, ABAC), and logging standards. * Support incident management, vulnerability assessments, and SOC-related activities. * Contribute to secure software supply chain practices, including CI/CD security reviews. * Interpret threat intelligence, CVEs, and CVSS scores to inform risk-based decision making. * Collaborate with stakeholders across technical and non-technical teams, clearly articulating risks and solutions. * Support government or regulatory assurance processes such as Secure by Design and GovAssure. Requirements: * Proven experience in cyber security assurance, secure architecture design, or related disciplines. * Strong knowledge of risk assessment methodologies (ISO 31000, FAIR, OWASP risk rating). * Hands-on experience with enterprise security frameworks including ISO 27001, NIST, CAF, and Cyber Essentials. * Experience conducting security audits and implementing remediation strategies. * Technical expertise across cloud and enterprise platforms (Azure, M365, operating systems). * Familiarity with SIEM, SOC operations, endpoint detection, and vulnerability management tools. * Knowledge of ITSM processes, change control, and governance frameworks. * Experience with CI/CD security and software supply chain assurance. * Understanding of OT/ICS/SCADA environments is highly desirable. * Strong analytical, problem-solving, and organisational skills. * Excellent communication skills, with the ability to engage senior stakeholders and produce high-quality reports. * Degree in Cybersecurity, IT, or a related STEM field (or equivalent experience). * Relevant certifications such as CISSP, CISM, CRISC, CCSP, SABSA, SANS GIAC, CCP, or SIRA are desirable. * Experience working in regulated, government, or critical infrastructure environments is advantageous