Cyber Security Governance & Assurance Specialist

Recruiter: Jayson Coley-Wynters

Career Grade: D

Location: Bristol


BT's Defence security team have an exciting new role available, supporting and developing secure practices for new business and existing contracts. This will suit seasoned professionals or emergent talent, giving the opportunity for the right person to bring their experience and fresh ideas to the table. You'll learn from those around you and be part of a friendly team, where flexible working and good work-life balance is always valued. So, what are you waiting for?

1. Provide security leadership and information assurance for BT Defence.
2. Using your experience, technical expertise and industry knowledge, you'll provide thought leadership to help shape and assure the future of our new and existing contracts.
3. Work with the existing team, technical and business development leads to understand security requirements, lead and support assurance activities, and ensure security is embedded from the outset.
4. Provide support to our sales and win-new-business teams to ensure security requirements are understood, such that security deliverables are planned and aligned to other schedules.
5. Undertake threat and risk assessments and carry out risk management activities.
6. Select and apply proportionate security controls from baseline control sets.
7. Produce Security Management Plans (SMP) and Cyber Implementation Plans (CIP).
8. Take the necessary action to ensure Secure-by-Design and Secure-in-Depth principles are embedded from the outset and maintained through-life.
9. Work with other stakeholders to assure supply chain security and the flow down of security and contractual requirements.
10. Provide general security advice and promote best practice, giving direction to stakeholders within BT and our external customer(s).
11. Work with our security operations team to ensure alignment and support from existing processes so we are as efficient and effective as possible.
12. Be a security ambassador for our company, our customers, and our team.

1. Already hold or be capable of achieving and maintaining the required security clearance (SC as a minimum).
2. Have a proven track record in security and information risk management, complemented with a high degree of technical proficiency and some UK Govt. sector experience.
3. Have experience or be comfortable working within a bid team environment (when required).
4. Have experience producing security documentation (Security Management Plans, ITT responses, Security Cases, RMADs, SyOPs etc).
5. Have excellent verbal and written communication skills.
6. Be confident to work with other BT Defence teams (e.g. technical), to understand solutions and provide assurance or advice through a security lens.
7. Be capable of influencing and transferring expertise to enable change whilst maintaining compliance to secure working requirements.
8. Have knowledge of MoD/UK Govt. Secure-by-Design and Secure-in-Depth principles.
9. Have knowledge and experience (preferred) of the following security standards: NIST Cyber Security Framework, NIST 800-53-r5; NIST 800-37 and ISO 27001.
10. Be excellent at stakeholder management and be able to work with (and provide security support to) peer SMEs from other disciplines.
11. Be self-motivated and proactive.
12. Promote the latest security best practice and awareness.

1. Be experienced in working in major public industry sectors e.g. Defence (MoD) and/or HM Government departments or agencies.
2. Have knowledge and experience with MoD JSP440/490/604, Cyber Security Model and Defence Standards e.g. forthcoming changes to Def Stan 05-138.
3. Have a NIST Cybersecurity Professional certification.
4. Be a Certified Cloud Security Professional (CCSP).
5. Have a NCSC Certified Cyber Professional (CCP) Information System Security Manager and/or Security & Information Risk Advisor certification or background.
6. Have a Certified Information Systems Security Professional (CISSP) certification or background.
7. Have a Certified Information Security Manager (CISM) certification or background.

1. Competitive salary and on-target bonus plan.
2. Flexible and smart working.
3. Training and development opportunities.
4. Competitive share options and pension scheme.
5. Access to discounts on BT & EE products.
6. 25 days annual leave (not including bank holidays).
7. 3 days paid volunteering a year.
8. Location: Bristol.
9. Weekly Hours: 37.5.
10. Salary: Level D.
11. Position Type: Full-time.
12. Contract: Permanent.

With over 175 years of heritage, BT is now the flagship business brand of BT Group. We've brought together our best people and capabilities into a B2B powerhouse serving 1.2 million business customers internationally.

We're a global leader for secure connectivity and collaboration platforms for businesses of all shapes and sizes, from big household names and government departments, right through to sole traders and new start-ups. But it's not just the technology that matters, it's what it can do to help them build stronger, smarter, more secure businesses.

We value diversity and inclusion and believe in making a positive impact. We connect for good by championing digital inclusion and equipping people, businesses, and communities with digital skills to thrive.

As a member of our team, you will be part of an organisation that celebrates difference, fosters innovation, and provides you with opportunities to be your best. With millions of businesses relying on us daily, joining BT means you can be part of a diverse and multi-skilled team that makes a significant impact on society.


Although these roles are listed as full-time, if you're a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.

We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us.


Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.