Cyber Security Governance & Assurance Specialist

Press Tab to Move to Skip to Content Link

Select how often (in days) to receive an alert:

Posting Date: 8 May 2025

Function: Cyber Security

Unit: Networks

Location: One Braham (4140), London, United Kingdom

Salary: Competitive with Great Benefits

The Secure in Operation Governance Specialist plays a critical role in ensuring the organization operates securely and compliantly. They provide expert guidance and support to the first line of defense to identify, assess, and manage risks. They also collaborate with the Secure in Operation and Assurance team to enhance security controls and practices across the organization. This role is key in the organization’s cyber risk management strategy, maintaining security and resilience.

This role involves 3 days in the office and 2 days remote. Office locations include London, Bristol, Manchester.

The Secure in Operation Governance Specialist will work with the Governance Manager to ensure business operations are secure and compliant with policies, standards, and regulations. They will partner with operational teams to implement an embedded security capability, leveraging security tools for automation and proactive risk management. A strong understanding of security standards, regulatory frameworks, risk management, and governance, along with problem-solving skills, is essential.

Key Responsibilities include:

• Collaborating with the Governance Manager and team to foster a supportive security culture.
• Supporting the development and operation of a security controls governance framework.
• Encouraging compliance and assurance within the team.
• Assisting in maturing the security governance functions aligned with industry best practices.
• Building trusted relationships with operational teams to embed security practices.
• Managing delivery plans and reporting progress regularly.
• Using data to inform decisions, focusing on metrics related to compliance and assurance.
• Working with the team to develop an end-to-end secure operation capability.
• Identifying issues and collaborating with teams to address them.
• Contributing to the strategic objectives of the security governance function.
• Defining and delivering measurable objectives and reporting on progress.
• Being assertive and focused on compliance and assurance.

Mandatory experience:

• 5-7 years in cybersecurity or governance, risk, and compliance (GRC) roles.
• Experience with security frameworks like NIST CSF, NCSC CAF, CIS Controls, ISF SOGP.

Preferred experience:

• Experience with governance or risk frameworks like ISO 27001, COBIT, NIST RMF.
• Knowledge of capability maturity models (e.g., CMMI).
• Experience with regulatory compliance such as TSA, NIS, DORA.
• Skills in data analysis and KPI/KRI reporting.
• Experience in large, geographically dispersed organizations.
• Industry certifications like CGRC, CISM, CISSP.
• Bachelor's degree in Computer Science, Information Security, or related field.

Additional benefits include:

• Family leave starting January 2025: 18 weeks full pay, 8 weeks half pay, 26 weeks statutory.
• Enhanced women’s health support, including menopause, screenings, and period care.
• 25 days annual leave plus bank holidays, increasing with service.
• 24/7 virtual GP for UK colleagues.
• 2 weeks carer’s leave.
• Training and development opportunities.
• Option to join BT Shares Saving schemes.

About us

BT Group is a pioneer in telecommunications, with a rich heritage. We are investing in full fiber broadband, 5G, and digital transformation to enhance connectivity and customer experience. We value diversity and inclusion, encouraging applications from all backgrounds, even if you do not meet every criterion.