Cyber Security Assurance Lead

Reporting Line: Head of Cyber Security Compliance & Assurance
Contract type: Permanent
Grade: 3A
Location: Wood Street, London

• The Cyber Security Assurance Lead will be responsible for providing cyber security guidance to the business for all IT related projects.
• Help to perform risk assessments and security control assessments, draft exceptions, input into supplier selection, and provide project stage approval.
• Scope and coordinate end-to-end penetration tests, including working with project and delivery teams to support remediation of findings.
• Drive a culture of inclusion, continuous improvement, and high performance across their teams, delivery and decision-making.

Now, more than ever, we understand that attracting the right talent is pivotal in driving the positive change needed throughout our organisation. Beyond a competitive salary, we offer a comprehensive benefits package that includes:

• 27.5 days annual leave that increases with tenure
• Up to 18% on target bonus opportunity
• Car allowance
• Generous pension contribution
• Life assurance
• Income protection after 12 months service
• Full support from our employee assistance programme and access to our employee benefits platform
• Ever-evolving learning and development opportunities

Our commitment to embracing diversity extends beyond just words. We actively foster an inclusive workplace that values the unique perspectives and contributions from all colleagues. We hold the belief that Equity, Diversity, and Inclusion are not just vital but fundamental to our success and growth. Our priority lies in shaping a business that mirrors the diverse communities we reach, truly making Post Office 'Everybody's Business'. As an equal opportunity employer, we value and celebrate the differences among our people, ensuring that our practices reflect our dedication to inclusivity and equal representation for all.

• Previous experience of working in a similar assurance, advisory or architecture role, overseeing activities across critical systems and the supply chain including audits and risk assessments.
• Proven experience leading cyber assurance or risk assessment activities in a complex, regulated and outsourced technology environment.
• Familiarity with a wide range of cyber security technologies (e.g., GRC platforms, SIEM tools, vulnerability management etc.).
• Knowledge of best practice security frameworks such as: NCSC CAF, NIST CSF, ISO27001, PCI DSS, OWASP etc.
• Strong knowledge of cyber risks, latest security trends and data protection.
• Strong knowledge and experience in managing and securing cloud solutions in AWS and Azure.
• Strong knowledge and experience in scoping and coordinating end-to-end pentests and establishing remediation plans.
• Worked with agile teams, knowledge of CI/CD pipeline and technology to support from a DevSecOps perspective.
• Substantial experience in establishing successful, cross-functional, stakeholder relationships.
• Demonstrable experience of delivering projects to achieve key objectives.

Post Office is a community staple. We're trusted. We're relatable. We're reliable. We're steeped in tradition. But we're on a journey of transformation. We're focused on the future and working at pace to compete in a digital world to provide the same, personalised experience we've always been proud of - and we need fresh talent to help make it possible.

We're looking for people to come to Post office to re-imagine. Authentic people who rise to big challenges and make big changes. We all have a genuine duty of care for the people we serve - a purpose that guides us forward, no matter what. We're looking for people who share in that purpose and show that now, and moving forwards, Post Office truly is Everybody's Business.