Information Security Assurance Specialist (we have offices in London, Leeds & Cambridge)

Genomics England partners with the NHS to provide whole genome sequencing diagnostics and to empower researchers to understand disease and develop new treatments. Our mission is to enable genomic healthcare and research by delivering high-quality data, technology, and insights with patients at the heart of our work. We are hiring an Information Security Assurance Specialist to join Genomics England. This role focuses on assurance, governance and compliance rather than day-to-day technical engineering, with emphasis on risk management, regulatory alignment, accreditation support, and security awareness across the organisation.

You will work with the Information Security Assurance Manager to assess risks, review policies, support incident response activities, coordinate audits, supplier assessments and penetration tests, and track findings. You will contribute to staff awareness and governance to keep security a shared responsibility across the business.

This is a significant opportunity to contribute to a unique organisation where security and trust enable progress in genomics.

• Support assurance, risk, and compliance activities across all services delivered by Genomics England.
• Review and contribute to cyber security policies, frameworks, and governance.
• Arrange and track audits, penetration tests, and supplier assessments, ensuring timely follow-up of findings.
• Support accreditation and regulatory compliance activities.
• Assist with cyber risk assessments, documenting and contributing to treatment plans.
• Provide input into awareness programmes to strengthen organisational understanding of security and compliance.
• Analyse and interpret data to produce clear, actionable assurance insights.
• Solid background in audit, assurance, or compliance, ideally within information or cyber security.
• Understanding of governance frameworks, regulatory requirements, and accreditation processes.
• Strong analytical skills with the ability to turn data into meaningful recommendations.
• Clear communicator, able to explain risk and compliance issues to technical and non-technical stakeholders.
• Proven organisational skills with the ability to manage multiple assurance activities.

• Experience enhancing or building assurance frameworks.
• Knowledge of supplier audits and third-party risk management.
• Familiarity with industry standards and emerging risks in cyber security.
• Experience contributing to awareness or training programmes around compliance and assurance.

Genomics England is committed to an inclusive environment that promotes equity, diversity and inclusion. We value a diverse workforce where everyone is welcomed and treated with respect regardless of disability, ethnicity, gender, gender identity, religion, sexual orientation, or social background. We apply non-discrimination and equity policies fairly to all people, regardless of age, disability, gender identity or reassignment, marital or civil partnership status, pregnancy or parental status, race, religion or beliefs, sex or sexual orientation, length of service, or employment type.

We do not tolerate discrimination, harassment, victimisation or bullying at work. Our People policies outline our commitment to inclusivity. If you require adjustments to participate in the recruitment process, please discuss this with us.

Genomics England operates a blended working model. Most roles involve coming into the office a minimum of 2 times per month, with arrangements agreed with your team leader. Some roles require full-time on-site attendance (e.g., lab or reception teams). Our office locations are Canary Wharf, Cambridge and Leeds. Teams may tailor working patterns to suit, beyond the minimum.

As part of our recruitment process, all successful candidates are subject to a Standard Disclosure and Barring Service (DBS) check. Applicants should disclose any unspent offences at application. Some offences may prevent progression due to the healthcare context.

Qualifications are not mandatory; however, ISACA certifications (e.g., CISA or CISM), a Lead Auditor qualification, or equivalent are highly welcome and beneficial.

Closing Date: Sunday 5 October at 23:00 (UK time). Salary From: £51,000.

• Generous Leave: 30 days holiday plus bank holidays, additional long-service leave, and up to 30 days remote working abroad annually (approval required).
• Family-Friendly: Blended working arrangements, flexible working, enhanced maternity/paternity and shared parental leave.
• Pension & Financial: Defined contribution pension (Genomics England matches up to 10%), Life Assurance (3x salary), Give As You Earn.
• Learning & Development: Individual learning budgets, support for training and certifications, reimbursement for one annual professional subscription (approval required).
• Recognition & Rewards: Employee recognition programme and referral scheme.
• Health & Wellbeing: Subsidised gym membership, Headspace access, Employee Assistance Programme, eye tests, flu jabs.