CISO / Cyber Security Assurance Lead (EUC / MDM Focus)

Job Title: CISO / Cyber Security Assurance Lead (EUC / MDM Focus), Telford

Refreshing Recruitment Ltd

Telford, United Kingdom

Other

Yes

2

07.06.2025

22.07.2025

This role requires security clearance and is based in Central London with hybrid working. It is a 6+ month contract.

We are seeking a Cyber Security Assurance Lead, often referred to as a “mini CISO,” to join a specialist End User Compute (EUC) IT services provider. The focus is on modernising secure digital workplaces using Zero Trust and next-generation security principles, primarily for high-profile Central Government departments. Therefore, current SC clearance is essential.

As the Cyber Security Assurance Lead, you will oversee end-to-end EUC security assurance for a transformational Machinery of Government, macOS Developer Device Solution.

Key responsibilities include:

1. Leading security assurance and governance throughout the solution lifecycle (architecture design, build, deployment, operational support).
2. Developing and maintaining risk management documentation such as RMADS, SyOps, DPIAs, threat models, and continuous threat assessments.
3. Ensuring compliance with assurance frameworks like GSC, NCSC guidance, Cabinet Office requirements, GDPR, and ISO27001.
4. Conducting threat and vulnerability assessments for macOS devices, MDM platforms, developer tooling, remote access, and cloud-native infrastructure.
5. Promoting secure-by-design practices by collaborating with security architects, engineering, DevOps, and testing teams.
6. Engaging with stakeholders to secure necessary approvals and accreditation.
7. Maintaining assurance registers and contributing to risk management and reporting across the programme.

Ideal candidates will have a strong understanding of endpoint and device assurance, especially with macOS and MDM integrations (e.g., Jamf, Intune, Workspace ONE). Required qualifications and experience include:

• Professional certifications such as CISSP, CISM, CCSP, or ISO 27001 Lead Auditor.
• Experience leading security assurance in central government or similar high-assurance environments.
• Deep knowledge of security assurance frameworks, including NCSC Cloud Security principles, GDS Service Standards, and government accreditation processes.
• Hands-on experience producing RMADS, SyOps, DPIAs, and similar artefacts.
• Proficiency with security tools for risk assessments, threat modeling, and vulnerability scanning.
• Security Clearance.

Additional preferred skills include experience with DevSecOps or agile methodologies, knowledge of Zero Trust architecture, IAM, and cloud-native security practices.