CISO / Cyber Security Assurance Lead (EUC / MDM Focus)

Social network you want to login/join with:

Client: Refreshing Recruitment Ltd

Location: Newcastle-upon-Tyne, Tyne and Wear, United Kingdom

Job Category: Other

-

EU work permit required: Yes

2

07.06.2025

22.07.2025

Security Clearance required

Location: Central London, hybrid working

Duration: 6+ months contract

A Cyber Security Assurance Lead, often referred to as a “mini CISO,” is sought to join a specialist End User Compute (EUC) IT services provider. The role involves leading the modernization of secure digital workplaces using Zero Trust and next-generation security principles, primarily for high-profile Central Government departments, hence the need for current SC clearance.

As Cyber Security Assurance Lead, you will oversee end-to-end EUC security assurance for a transformational Machinery of Government, macOS Developer Device Solution.

Key responsibilities include:

• Leading security assurance and governance throughout the solution lifecycle, including architecture design, build, deployment, and operational support.
• Developing and maintaining risk management documentation such as RMADS, SyOps, DPIAs, threat models, and continuous threat assessments.
• Ensuring compliance with assurance frameworks like Government Security Classifications (GSC), NCSC guidance, Cabinet Office requirements, GDPR, and ISO27001.
• Conducting threat and vulnerability assessments for macOS devices, MDM platforms, developer tooling, remote access, and cloud-native infrastructure.
• Promoting secure-by-design practices in collaboration with security architects, engineering, DevOps, and testing teams.
• Interfacing with stakeholders to obtain necessary approvals and accreditation.
• Maintaining assurance registers and contributing to program-wide risk management and reporting.

We are seeking candidates with strong knowledge of endpoint and device assurance, especially with macOS and MDM solutions such as Jamf, Intune, or Workspace ONE. Additionally, candidates should have:

• Professional certifications like CISSP, CISM, CCSP, or ISO 27001 Lead Auditor
• Experience leading security assurance in central government or similar high-assurance environments
• Deep understanding of security assurance frameworks, including NCSC Cloud Security principles, GDS Service Standards, and government accreditation processes
• Hands-on experience producing RMADS, SyOps, DPIAs, and similar artifacts
• Experience with security tooling for risk assessments, threat modeling, and vulnerability scanning
• Security Clearance

Preferred skills include experience in DevSecOps or agile environments, knowledge of Zero Trust architecture, IAM, and cloud-native security practices.