Information Security Technical Assurance Lead

Information Security Technical Assurance Lead - £700 per day - Inside IR35 - Hybrid working from a site in Paddington - 6 months initial contract.

Our client, a global supplier to the nuclear energy industry, is seeking a highly skilled Information Security Cyber Assurance Specialist to join their team. This critical role is responsible for ensuring the security and resilience of their information systems, aligning with industry standards and regulatory requirements. You will provide assurance that their IT and OT environments are secure and compliant, supporting the delivery of business objectives while managing risk.

Key Responsibilities -

• Develop, implement, and maintain information security assurance programs.
• Ensure compliance with regulatory requirements and standards (e.g., ISO 27000, NIST SP800 series, CSF).
• Conduct risk assessments and vulnerability management activities.
• Maintain robust security controls across enterprise assets, software, networks, and applications.
• Support incident response and recovery processes, including penetration testing and audit log management.
• Deliver training and awareness programs to enhance the organizations security posture.
• Collaborate with internal and external stakeholders to maintain compliance and manage third-party risks.
• Provide expert advice on secure configurations, malware defences, and network monitoring strategies.

Qualifications & Experience -

Mandatory:

• At least 5 years’ experience in information security assurance roles.
• Proven experience with information security management frameworks and regulatory compliance (e.g., ISO 27000, NIST).
• Strong understanding of security controls across data, networks, applications, devices, and users.

Desirable:

• Familiarity with regulations in the Nuclear industry across operational geographies (US, UK, Netherlands, Germany).
• Knowledge of government information classification standards.
• Education & Certifications
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field, or equivalent industry experience.
• Relevant certifications, including but not limited to:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified Ethical Hacker (CEH)
• CompTIA Security+
• Systems Security Certified Practitioner (SSCP)

Skills & Competencies -

Behavioural Competencies:

• Adaptability to evolving business needs and risk profiles.
• Strong decision-making capabilities with a business-focused perspective.
• Excellent communication skills and ability to engage with diverse stakeholders.
• A proactive, curious, and analytical mindset with strong problem-solving skills.

Technical Skills:

• Comprehensive knowledge of security controls, including:
• Data Protection, Account Management, and Access Control Management.
• Continuous Vulnerability Management and Incident Response.
• Penetration Testing and Security Awareness Training.
• Secure Configuration and Network Monitoring.