Negotiable
Inside
Undetermined
London, UK
Summary: The IT Security Assessor role at a leading global bank involves ensuring that technology projects within the Digital Engineering Services & Solutions division are secure-by-design and compliant with IT security policies. The position is ideal for experienced IT Auditors, Security Auditors, or GRC Analysts who will engage with stakeholders to validate security controls and manage multiple projects in a fast-paced environment. This role is classified as inside IR35, indicating a requirement for compliance with tax regulations. The successful candidate will contribute to high-profile technology initiatives in a regulated setting.
Key Responsibilities:
- Delivering on the secure-by-design review process, ensuring all technology projects undergo security assessment prior to implementation.
- Engaging with business and technical stakeholders to validate security controls (both technical and non-technical).
- Reviewing and analysing reports, evidence, and control documentation to confirm effectiveness.
- Developing and executing test strategies to validate security control performance.
- Identifying gaps in operating effectiveness and recommending remediation actions.
- Documenting risks, findings, and recommendations in clear, actionable reports.
- Managing workload across multiple concurrent projects, meeting deadlines in a fast-paced portfolio environment.
Key Skills:
- Strong understanding of cybersecurity and IT control frameworks (SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, PCI-DSS).
- Proven experience as an IT auditor, security auditor, or GRC analyst in a complex environment.
- Hands-on knowledge of IT security systems (OS, databases, Firewalls, SIEM, DLP, etc.).
- Strong stakeholder engagement skills, with the ability to challenge and influence effectively.
- Demonstrated ability to prioritise and deliver across multiple projects.
- Excellent reporting, documentation, and presentation skills.
Salary (Rate): undetermined
City: London
Country: UK
Working Arrangements: undetermined
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
IT Security Assessor - Secure by Design
Inside IR35
Our client, a leading global bank, is seeking an IT Security Assessor to join their Digital Engineering Services & Solutions division. You'll play a pivotal role in ensuring projects across Infrastructure and Service Operations are secure-by-design, compliant with IT security policies, and resilient against emerging threats.
This is an excellent opportunity for an experienced IT Auditor, Security Auditor, or GRC Analyst to work on high-profile, business-critical technology initiatives within a complex, regulated environment.
Key Responsibilities:
- Delivering on the secure-by-design review process, ensuring all technology projects undergo security assessment prior to implementation.
- Engaging with business and technical stakeholders to validate security controls (both technical and non-technical).
- Reviewing and analysing reports, evidence, and control documentation to confirm effectiveness.
- Developing and executing test strategies to validate security control performance.
- Identifying gaps in operating effectiveness and recommending remediation actions.
- Documenting risks, findings, and recommendations in clear, actionable reports.
- Managing workload across multiple concurrent projects, meeting deadlines in a fast-paced portfolio environment.
- Strong understanding of cybersecurity and IT control frameworks (SOX, FFIEC, ISO27001, NIST, Cloud Security Alliance, PCI-DSS).
- Proven experience as an IT auditor, security auditor, or GRC analyst in a complex environment.
- Hands-on knowledge of IT security systems (OS, databases, Firewalls, SIEM, DLP, etc.).
- Strong stakeholder engagement skills, with the ability to challenge and influence effectively.
- Demonstrated ability to prioritise and deliver across multiple projects.
- Excellent reporting, documentation, and presentation skills.
- Experience in project management.
- Previous assurance experience for cybersecurity policies, standards, and procedures.
- Understanding of global IT risk management frameworks.
- Exposure to senior stakeholder management and management-level reporting.
Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted.
Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation.
We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website.
