Summary: The role of Security Assurance Manager involves leading security assurance activities for the MOD, focusing on managing cyber security risks across systems and services. The position requires collaboration with various stakeholders to ensure effective risk management and compliance with government security standards. The contract is for 5 months and is hybrid based in London or Corsham. SC Clearance is essential for this role.

Key Responsibilities:

• Lead and deliver security assurance activities across digital systems and services, ensuring risks are identified, assessed, and managed appropriately.
• Conduct tailored risk assessments and threat modelling to support assurance and compliance with government security frameworks.
• Provide clear, actionable security advice to senior stakeholders, enabling well-informed and auditable risk decisions.
• Ensure security controls align with the organisation’s risk appetite, legislative obligations, and regulatory requirements.
• Drive integration of cyber security risk mitigation and assurance practices into project and operational lifecycles.
• Champion the use of proportionate security practices that support secure delivery without unnecessary friction.

Key Skills:

• Proven experience in security assurance and cyber risk management, including conducting independent reviews, engaging suppliers, and supporting risk-based decisions across digital and defence systems.
• Strong experience of applying industry frameworks and standards (e.g. ISO 27001, NCSC guidance) to drive proportionate and effective security controls.
• Ability to design and deliver end-to-end security assurance plans across the system/service lifecycle, including interpreting outcomes for business impact.
• Skilled in translating risk appetite and threat intelligence into practical security requirements that support secure delivery.
• Proven experience in high assurance environments, able to communicate complex risk issues clearly and support secure delivery in line with government and defence standards.
• Deep understanding of data-centric security — including security controls, risks, and assurance in relation to data systems, cloud platforms (especially AWS), and public sector data handling.
• SC Clearance is an essential requirement for this role, as a minimum you must be willing & eligible to undergo checks.

Salary (Rate): undetermined

City: London

Country: United Kingdom

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: undetermined

Industry: IT