Information Security Assurance Specialist

We are hiring an Information Security Assurance Specialist to join us here at Genomics England. This role is focused on assurance, governance, and compliance rather than day-to-day technical engineering. It involves managing risk, ensuring regulatory alignment, supporting accreditation, and building awareness across the organisation, with an emphasis on cyber and IT security compliance. You will work closely with the Information Security Assurance Manager to assess risks, review policies, and support incident response activities when required. You will coordinate audits, supplier assessments, and penetration tests, ensuring findings are tracked and addressed. You will contribute to staff awareness and wider governance so security remains a shared responsibility across the business.

• Support assurance, risk, and compliance activities across all services delivered by Genomics England.
• Review and contribute to cyber security policies, frameworks, and governance.
• Arrange and track audits, penetration tests, and supplier assessments, ensuring timely follow-up of findings.
• Support accreditation and regulatory compliance activities.
• Assist with cyber risk assessments, documenting and contributing to treatment plans.
• Provide input into awareness programmes to strengthen organisational understanding of security and compliance.
• Analyse and interpret data to produce clear, actionable assurance insights.
• Solid background in audit, assurance, or compliance, ideally within information or cyber security.
• Understanding of governance frameworks, regulatory requirements, and accreditation processes.
• Strong analytical skills with the ability to turn data into meaningful recommendations.
• Clear communicator, able to explain risk and compliance issues to technical and non-technical stakeholders.
• Proven organisational skills with the ability to manage multiple assurance activities.

• Experience enhancing or building assurance frameworks.
• Knowledge of supplier audits and third-party risk management.
• Familiarity with industry standards and emerging risks in cyber security.
• Experience contributing to awareness or training programmes around compliance and assurance.
• Certifications from ISACA (e.g., CISA, CISM), Lead Auditor qualification, or equivalent are highly welcome and beneficial.

• Generous Leave: 30 days' holiday plus bank holidays, additional leave for long service, and up to 30 days remote working abroad annually (approval required).
• Family-Friendly: Blended working arrangements, flexible working, enhanced maternity, paternity and shared parental leave benefits.
• Pension & Financial: Defined contribution pension (Genomics England doubles contributions up to 10%), Life Assurance (3x salary), Give As You Earn.
• Learning & Development: Individual learning budgets, support for training and certifications, and reimbursement for one annual professional subscription (approval required).
• Recognition & Rewards: Employee recognition programme and referral scheme.
• Health & Wellbeing: Subsidised gym membership, Headspace, and access to an Employee Assistance Programme, eye tests, flu jabs.

Genomics England is committed to an inclusive environment that promotes equity, diversity and inclusion best practice. We welcome everyone and are committed to non-discrimination and fairness in our recruitment and work environment. If you require adjustments during the recruitment process, discuss this with us.

Genomics England operates a blended working model. We expect most people to come into the office a minimum of 2 times each month, with variations by role and team. Some roles require full-time on-site attendance. Office locations: Canary Wharf, Cambridge and Leeds.

Genomics England partners with the NHS to provide whole genome sequencing diagnostics and to support research and patient care in genomics. Our mission is to enable others to deliver genomic healthcare and conduct genomic research, improving patient outcomes and enabling new medical discoveries.