CISO / Cyber Security Assurance Lead (EUC / MDM Focus)

Social network you want to login/join with:

Client: Refreshing Recruitment Ltd

Location: Preston, Lancashire, United Kingdom

Job Category: Other

EU work permit required: Yes

Job Views: 2

Posted: 07.06.2025

Expiry Date: 22.07.2025

Security Clearance required.

Central London, hybrid working.

6+ month contract.

We are seeking a Cyber Security Assurance Lead, often referred to as a “mini CISO,” to join a specialist End User Compute (EUC) IT services provider. The role involves leading the modernization of secure digital workplaces using Zero Trust and next-generation security principles for high-profile Central Government departments, hence the need for current SC clearance.

As the Cyber Security Assurance Lead, you will oversee end-to-end EUC security assurance for a transformational Machinery of Government, macOS Developer Device Solution.

Key responsibilities include:

• Leading security assurance and governance throughout the solution lifecycle, from architecture design to deployment and operational support.
• Developing and maintaining risk management documentation such as RMADS, SyOps, DPIAs, threat models, and continuous threat assessments.
• Ensuring compliance with assurance frameworks including Government Security Classifications (GSC), NCSC guidance, Cabinet Office requirements, GDPR, and ISO27001.
• Conducting threat and vulnerability assessments for macOS devices, MDM platforms, developer tools, remote access, and cloud infrastructure.
• Promoting secure-by-design practices in collaboration with security architects, engineering, DevOps, and testing teams.
• Engaging with stakeholders to obtain necessary approvals and accreditation.
• Maintaining assurance registers and contributing to program-wide risk management and reporting.

Ideal candidates will have a strong understanding of endpoint and device assurance, especially with macOS and MDM platforms such as Jamf, Intune, or Workspace ONE, and will possess:

• Professional certifications like CISSP, CISM, CCSP, or ISO 27001 Lead Auditor.
• Experience leading security assurance in central government or similar high-assurance environments.
• Deep knowledge of security assurance frameworks, including NCSC Cloud Security principles, GDS Service Standards, and government accreditation processes.
• Hands-on experience producing RMADS, SyOps, DPIAs, and related artifacts.
• Experience with security tooling for risk assessments, threat modeling, and vulnerability scanning.
• Active Security Clearance.

Additional preferred skills include experience with DevSecOps or agile environments, knowledge of Zero Trust architecture, IAM, and cloud-native security practices.