Information Security Assurance Analyst

United Kingdom, Portsmouth · Job Posted May 04, 2026

Job Description

Job Responsibility

  • Perform a threat modelling exercise of all projects and provide mitigating cyber security requirements to help ensure the secure delivery of compliant systems, applications and business processes
  • Review both high/low level architecture definition documents for compliance against security policies, standards and regulatory requirements, defining Cyber non-functional requirements
  • Attend Technical Design Authority (TDA) meeting to provide security signoffs
  • Work within the Security Assurance team consisting of security assurance analysts / consultants providing thought leadership across several assurance functions, and helping smooth engagements with project delivery teams
  • Perform cyber security risk assessments, compliance checks, audits and reviews to ensure that appropriate security controls are in place and highlight any deficiencies and gaps for management consideration
  • Provide support in scoping and overseeing pen tests and re-tests
  • Review recommendations and collaborate with the relevant teams to support remediation efforts
  • Provide cyber security assurance activities by ensuring implemented solutions are a replica of agreed and approved architecture definition documents, helping to facilitate penetration testing, whilst providing security advice and guidance
  • Support management, BAU and projects to comply with legal and regulatory requirements
  • Where required, propose solutions and coordinate delivery of mitigating actions to ensure risk levels are aligned with risk appetite
  • Perform compliance checks to ensure Cyber Security controls are operating as designed
  • Ensure security assurance processes and procedures are followed and evidence retained for regulatory and audit purposes
  • Support continued service improvement activities
  • Provide relevant updates to monthly CNI and governance forums
  • Provide relevant input to security reports to execs, shareholder and the board
  • Support regulatory reporting
  • Support regulatory inspections, internal and external audits and remediation of findings
  • Ensure identified issues and risks resulting from security assurance activities are appropriately managed, providing visibility to senior leaders of high-risk areas
  • Support the CISO and wider cyber management team
  • Build and maintain relationships with key stakeholders, including the PMO and delivery teams, IT Operations and product groups, Architecture and third-party security providers

Requirements

  • CISM/CISSP/CCSP/TOGAF/CRISC/AWS Solution Architect or equivalent certified or willing to undergo certification on the job
  • Must have Security Clearance or be eligible for security clearance
  • Must have experience in Cloud (IaaS, PaaS, SaaS)
  • Must have proven expertise in three of the following security areas: identity and access management, network security, end user security, threat modelling, Security Risk and Compliance, penetration testing
  • Must have at least 3 years’ cyber security experience
  • Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC CAF, NIST Framework, ISO 27001, ISO 27005, IEC 62443 etc.
  • Good understanding of Cyber Assurance Framework and experience with working with Regulators and providing compliance updates
  • The individual should be educated to degree level in a relevant discipline

Nice to have

  • Knowledge and experience on IT Auditing/Control testing, IT Information Security and IT generic computing controls
  • Knowledge of technology risk and controls including relevant tools and techniques
  • Knowledge of key areas in technology risk, including operations, change, security, resilience at both application and infrastructure layers
  • The suitable candidate must be a highly motivated individual
  • A proven track record as a cyber security subject matter expert in this or other organisations is a prerequisite requirement
  • The role will require significant attention to detail and the ability to work both at a strategic, Director level and with subject matter experts on detailed design issues and application, integration and data modelling
  • The successful candidate will be required to be an excellent communicator and not averse to dealing with conflict management and decision making on a regular basis
  • Desirable experience in Vulnerability Assessment and Management, Cloud Security Architecture, Application Security, Security Operations Centre and Investigations, Incident Management and Security Engineering

Similar Jobs for Information Security Assurance Analyst

8 matching positions

Information Security Assurance Analyst

We have a brilliant opportunity to join an industry-leading utility company base...
Location: United Kingdom, Portsmouth
Salary: 50000.00 - 55000.00 GBP / Year
TRIA
Expiration Date: Until further notice
Requirements
  • Strong experience of performing threat modelling exercises
  • Experience of reviewing high/low level architecture definition documents for compliance against security policies and standards
  • Knowledge of technology risk and controls including relevant tools and techniques
  • Good understanding and practical experience of Cyber Security Frameworks including NCSC CAF, NIST and ISO 27001
  • Must have at least 2 years' cyber security experience
  • Excellent communication skills with the ability to deal with conflicting priorities
  • Must be eligible for SC Clearance/have an active SC Clearance
Job Responsibility
  • Providing assurance to the leadership team regarding the design and operating effectiveness of IT security controls within future IT projects and implementation
  • Reviewing and identifying security control gaps in design documents
  • Providing recommendations for amendments and mitigation
What we offer
  • Salary sacrifice pension scheme
  • 25 days holiday + Bank Holidays
  • Fulltime

Information Assurance Specialist I (Information Security Analyst)

Barbaricum is seeking an Information Assurance Specialist I (Information Securit...
Location: United States, Indianapolis
Salary: Not provided
Barbaricum
Expiration Date: Until further notice
Requirements
  • Active DoD Secret Clearance
  • Bachelor's degree in related field
  • Meet DoDM 8140.03 IAT III/IAM II requirements
  • Minimum 2 years' experience in network operations and information security
  • Demonstrated experience assessing security controls based on cybersecurity principles and tenets (e.g., NIST SP 800-53, Cybersecurity Framework, etc.)
  • In-depth understanding of relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process
  • Demonstrated experience with continuous monitoring/ongoing authorization
Job Responsibility
  • Support cybersecurity compliance, risk management, and information assurance activities for Department of Defense (DoD) systems and networks
  • Assist in assessing and validating security controls in accordance with NIST SP 800-53, the NIST Cybersecurity Framework, and applicable DoD requirements
  • Support the Security Assessment and Authorization (SA&A) process by reviewing control implementations, identifying risks, and documenting findings
  • Participate in continuous monitoring and ongoing authorization activities to help maintain system security posture and compliance
  • Assist with vulnerability assessments, security reviews, and remediation tracking efforts across enterprise environments
  • Collaborate with system administrators, engineers, and cybersecurity personnel to implement and maintain required security controls
  • Develop and maintain cybersecurity documentation, including assessment reports, compliance artifacts, and authorization support materials
  • Monitor security-related activities and provide recommendations for risk mitigation and control improvements
  • Support compliance with the Risk Management Framework (RMF), organizational policies, and applicable federal and DoD cybersecurity standards
  • Stay informed on cybersecurity threats, vulnerabilities, and best practices to support effective information assurance operations
  • Fulltime

Information Assurance Specialist – III (Information Security Analyst)

Barbaricum is seeking an experienced Information Assurance Specialist III (Infor...
Location: United States, Indianapolis
Salary: Not provided
Barbaricum
Expiration Date: Until further notice
Requirements
  • Active DoD Secret Clearance
  • Bachelor's degree in related field
  • Must meet DoDM 8140.03 IAT III/IAM II requirements
  • Minimum 10 years' experience in network operations and information security
  • Demonstrated experience assessing security controls based on cybersecurity principles and tenets (e.g., NIST SP 800-53, Cybersecurity Framework, etc.)
  • In-depth understanding of relevance of NIST Security Controls and Control Implementation methodologies to the SA&A process
  • Relevant DOD, DHS or .gov Cyber Security Information Assurance focused experience with specific current hands-on researching, writing, and submitting complete A&A documentation packages for new system authorizations
Job Responsibility
  • Assess, implement, and validate cybersecurity controls in accordance with NIST SP 800-53, the NIST Cybersecurity Framework, and applicable DoD cybersecurity requirements
  • Support the Security Assessment and Authorization (SA&A) process by evaluating security controls, identifying risks, and recommending mitigation strategies
  • Develop, review, and maintain Assessment and Authorization (A&A) documentation packages to support system accreditation and authorization efforts
  • Conduct security assessments, vulnerability analyses, and compliance reviews to ensure systems meet federal and DoD cybersecurity standards
  • Collaborate with system owners, engineers, and cybersecurity teams to implement security controls and maintain a strong security posture across enterprise environments
  • Support continuous monitoring activities, including risk assessments, control validation, remediation tracking, and reporting
  • Provide cybersecurity guidance and recommendations related to information assurance, risk management, and regulatory compliance
  • Prepare technical reports, security documentation, and executive briefings to support authorization decisions and stakeholder requirements
  • Ensure compliance with Risk Management Framework (RMF), DoD policies, and applicable government cybersecurity regulations
  • Serve as a subject matter expert on information assurance, cybersecurity controls, accreditation processes, and security compliance initiatives
  • Fulltime

Information Security Analyst

We are looking for an Information Security Analyst to join our Risk, Legal and C...
Location: Australia, Sydney
Salary: Not provided
LGT Gruppe Holding AG
Expiration Date: Until further notice
Requirements
  • 5+ years in security operations or related IT functions, such as networking or IT systems engineering
  • Strong understanding of security concepts such as server hardening & patching, M365 & Azure configuration, Endpoint Protection solutions, Vulnerability Management, Firewall configuration, user access management, data loss prevention
  • Strong understanding of security architecture concepts across on-premises, cloud, and SaaS environments
  • Experience assessing solution designs and identifying security risks at an architectural level
  • Ability to translate complex technical and policy-driven security requirements into business-friendly language
  • Strong pragmatic, risk-based mindset with the ability to balance security, usability, cost, and delivery timelines
  • Experience engaging in business projects, conducting threat modelling, risk assessments and controls design, as well as validating the design and implementation of key controls
  • Experience driving security initiatives to align technical services with security policies
  • Strong problem-solving abilities, with a logical and methodical approach to tasks
  • Excellent communication skills, able to translate technical concepts for non-technical stakeholders
Job Responsibility
  • Responsible for maintaining a strong security environment, reducing cyber risk exposure, and supporting security operations, monitoring, and reporting
  • Contributes to LGT WM's information security strategy and risk framework while embedding security requirements into key business projects from the outset
  • Participates in initiatives to ensure compliance with privacy laws and external regulatory obligations, including GS 007
  • Support the cyber security assurance program, assisting audit activities and owning the remediation of findings
  • Support an effective cyber security assurance strategy over third parties / suppliers, enabling the business to engage with strategic partners without taking excessive risk
  • Conduct third party reviews when required
  • Actively participate in cyber security strategy formulation, prioritizing the protection of mission critical digital assets and maximizing the value of security investments
  • Participate in project delivery teams to provide security input throughout the solution lifecycle, from early design through to implementation and go-live
  • Participate in operational change management and ensure security related changes are adequately tested prior and post implementation, to reduce business impacts
  • Fulltime

Information Assurance Analyst

Our client is continuing to develop its Information Assurance capability within ...
Location: United Kingdom, Oxfordshire
Salary: 47195.00 GBP / Year
DataCareers
Expiration Date: Until further notice
Requirements
  • Foundational understanding of information security or risk concepts
  • Strong communication skills
  • Comfortable asking questions, contributing in meetings, and working collaboratively with a range of stakeholders
  • Positive, curious, and pragmatic approach to problem-solving
  • Second or third role within IT risk, audit, assurance or a related discipline
Job Responsibility
  • Supporting system accreditation and maintaining compliance with IA standards
  • Conducting risk assessments for changes to existing services
  • Producing clear, structured documentation to support assurance activity
  • Mapping and documenting processes (e.g. using Visio)
  • Engaging with stakeholders across ICT and the wider organisation
  • Representing the team in forums such as change approval boards (following onboarding)
  • Contributing to guidance, awareness and user support
  • Supporting occasional physical security activity, including site visits (training provided)
  • Fulltime

Lead Analyst, Information Security Governance & Compliance

Beacon Hill Technologies is partnering with a client to identify a Lead Analyst,...
Location: United States, Boca Raton
Salary: Not provided
Beacon Hill
Expiration Date: Until further notice
Requirements
  • Practical, working knowledge of audit and assurance concepts and terminology
  • Experience supporting both internal and external audits
  • Ability to evaluate the quality and sufficiency of audit evidence
  • Strong attention to documentation, traceability, and control effectiveness
  • Prior experience in information security governance, compliance, or risk management
  • Demonstrated ability to lead work while remaining directly involved in execution
  • Clear communication skills, particularly when explaining audit or compliance topics
  • Bachelor’s degree in Information Security, Risk Management, or a related discipline
  • 7+ years of experience in governance, risk, and compliance or information security roles
  • Familiarity with security and control frameworks such as NIST or ISO
Job Responsibility
  • Support and guide audit, compliance, and risk activities within the information security organization
  • Ensure audit readiness
  • Coordinate audit responses
  • Validate the quality and completeness of evidence

Cyber Information Assurance Analyst - Junior Assessor

The Cyber Information Assurance Analyst supports the customer by performing anal...
Location: United States, Ft. Meade
Salary: 65000.00 - 70000.00 USD / Year
Chickasaw Nation Industries, Inc (CNI)
Expiration Date: Until further notice
Requirements
  • The ability to obtain, maintain and access classified information at the TS/SCI level
  • DoD 8570 IAM/IA Technical (IAT) Level II certification
  • Familiarity with STIGs (Security Technical Implementation Guides), Security Requirement Guides (SRGs), Plan of Action and Milestones (POA&Ms) and cybersecurity best practices
  • Understanding of the RMF process, NIST SP 800-37, NIST SP 800-53, CNSSI 1253
  • Familiarity with relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS
  • Strong written and verbal communication skills for reporting assessment findings
  • Bachelor's Degree and a minimum of one to two (1-2) years of experience in systems security, or equivalent combination of education/experience
Job Responsibility
  • Conducts cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN
  • Evaluates systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing
  • Adheres to policies and processes for each assessment type
  • Supports assessment development and execution to ensure security expertise is properly applied
  • Coordinates logistics, test plans, and scope with the SCA Team Lead
  • Performs vulnerability assessments, captures results using STIG Viewer or designated tools, and documents findings in eMASS
  • Analyzes security gaps and provides mitigation recommendations
  • Validates cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines
  • Provides risk analysis and assessment results for authorization recommendations
  • Participates in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R
What we offer
  • Medical
  • Dental
  • Vision
  • Company Life Insurance
  • Short-Term and Long-Term Disability Insurance
  • 401(K) Immediate Vesting
  • Professional Development Assistance
  • Legal Aid Assistance Program
  • Family Planning / Fertility Assistance
  • Personal Time Off
  • Fulltime

Cyber Information Assurance Analyst SME

The Cyber Information Assurance Analyst SME provides IT support services for the...
Location: United States, Albany, GA
Salary: Not provided
Chickasaw Nation Industries, Inc (CNI)
Expiration Date: Until further notice
Requirements
  • Secret Clearance is required and must be maintained for employment
  • Must be eligible for an IT-II upon assignment
  • Tenable Certified NESSUS Auditor required and must maintain CSSP Auditor Certification
  • IAM III and IAT II level certification is required
  • Proven proficiency performing CCRI / vulnerability assessment / penetration testing on networks, databases, computer applications and IT frameworks
  • Seven (7) years IT experience
  • Five (5) years IA experience
  • Two (2) years of experience with DOD Vulnerability Management System
  • Command Cyber Readiness Inspection certification in at least one of the following areas: Retina scan analysis
  • Operating Systems (Windows, Unix)
Job Responsibility
  • Independently performs complex security analysis of classified and unclassified applications, systems and enclaves for compliance with security requirements
  • Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations
  • Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks
  • Performs vulnerability and risk analysis, and participates in a variety of computer security penetration studies
  • Analyzes and defines security requirements for computer and networking systems, to include mainframes, workstations, and personal computers
  • Recommends solutions to meet security requirements
  • Gathers and organizes technical information about an organization's mission goals and needs, and makes recommendations to improve existing security posture
  • Provides enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves
  • Provides workable recommendations and advice to client executive management on system improvements, optimization and maintenance in the following areas: Information Systems Architecture, Automation, Telecommunications, Networking, Communication Protocols, Application Software, Electronic Email, VOIP and VTC
  • Competent to work at the highest level of all phases of information systems auditing
What we offer
  • Medical
  • Dental
  • Vision
  • 401(k)
  • Family Planning/Fertility Assistance
  • STD/LTD/Basic Life/AD&D
  • Legal-Aid Program
  • Employee Assistance Program (EAP)
  • Paid Time Off (PTO) – (11) Federal Holidays
  • Training and Development Opportunities
  • Fulltime