CISO / Cyber Security Assurance Lead (EUC / MDM Focus)

Social network you want to login/join with:

Client: Refreshing Recruitment Ltd

Location: Swindon, Wiltshire, United Kingdom

Job Category: Other

EU work permit required: Yes

2

07.06.2025

22.07.2025

Security Clearance required

Central London, hybrid working

6+ month contract.

A Cyber Security Assurance Lead, “a mini CISO” is sought to join a specialist End User Compute (EUC) IT services provider, leading the modernisation of secure digital workplaces with Zero Trust and next-gen security principles for high-profile Central Government departments – hence the need for current SC clearance.

As Cyber Security Assurance Lead, you will drive end-to-end EUC security assurance for a transformational Machinery of Government, macOS Developer Device Solution.

Key accountabilities include:

• Leading security assurance and governance throughout the solution lifecycle, from architecture design through build, deployment, and operational support.
• Development and maintenance of risk management documentation (RMADS, SyOps, DPIAs, threat models, and continuous threat models).
• Ensure alignment with assurance frameworks such as Government Security Classifications (GSC), NCSC guidance, Cabinet Office requirements, GDPR, and ISO27001.
• Conduct threat and vulnerability assessments for macOS devices, MDM platforms, developer tooling, remote access, and cloud-native infrastructure.
• Drive secure-by-design practices, collaborating with security architects, engineering, DevOps, and testing teams.
• Interface with stakeholders to gain necessary approvals and accreditation.
• Maintain assurance registers and contribute to programme-wide risk management and reporting.

We are seeking applications from candidates with a strong understanding of endpoint and device assurance, ideally with macOS and integration with MDM (e.g., Jamf, Intune, Workspace ONE), and:

• Professional certifications such as CISSP, CISM, CCSP, or ISO 27001 Lead Auditor
• Experience leading security assurance in central government or similar high assurance environments
• Deep understanding of security assurance frameworks, including NCSC Cloud Security principles, GDS Service Standards, and government accreditation processes
• Hands-on experience producing RMADS, SyOps, DPIAs, and similar artefacts
• Experience with security tooling for risk assessments, threat modelling, and vulnerability scanning
• Security Clearance

Other preferred skills include experience in DevSecOps or agile environments, knowledge of Zero Trust architecture, IAM, and cloud-native security practices.