Cyber Security Assurance Lead

We are seeking an experienced SC - cleared Cyber Security Assurance Lead to oversee and drive The Security by Design (SbD) workstream for a major assurance process project. This role requires deep expertise in security governance, cloud architecture assurance, and security control frameworks, with the ability to work closely with client stakeholders to ensure that all SbD requirements, artefacts, and controls are correctly identified, implemented, and evidenced throughout the project lifecycle.

The position involves guiding multidisciplinary teams, shaping security deliverables, and ensuring that solutions meet both organisational policy and industry best - practice standards.

• Lead the Security by Design (SbD) Workstream: Own and lead the end - to - end Security by Design assurance process across all project phases.
• Determine the required SbD artefacts, ensuring they align with organisational security policies and relevant regulatory requirements.
• Provide structured guidance and oversight to project teams, architects, and engineers to embed secure design principles from inception through to delivery.
• Ensure all security risks, deviations, and design decisions are captured, assessed, and appropriately governed.
• Stakeholder Engagement & Governance: Work collaboratively with client security, architecture, risk, and delivery stakeholders to gather information, validate assumptions, and ensure clear alignment with security expectations.
• Facilitate security reviews, design walkthroughs, and risk assessments.
• Communicate complex security concepts in a clear and actionable manner to both technical and non - technical audiences.
• Assurance & Compliance: Conduct detailed assessments of proposed architectures and solutions against NIST 800 - 53 security controls, identifying control gaps and required mitigations.
• Review and validate solution designs against cloud security best practices, crypto standards, and cross - domain security principles.
• Ensure traceable mapping of security requirements to design artefacts, test evidence, and governance documentation.
• Support accreditation, risk management processes, and preparation of formal assurance evidence.

• Strong working knowledge of NIST 800 - 53 controls and their application to enterprise and government - grade systems.
• Cloud security architecture expertise, with the ability to review and challenge designs across AWS, Azure, and hybrid architectures.
• In - depth understanding of cryptographic principles, encryption standards, key management, and secure protocol design.
• Knowledge of cross - domain solutions, data flows, and security boundary controls.
• Security Leadership: Demonstrated experience leading Security by Design or Secure Architecture Assurance activities in complex environments.
• Ability to influence, challenge, and guide technical teams to ensure secure outcomes.
• Experience producing and reviewing key artefacts such as Threat Models, Security Architecture Designs, Risk Assessments, Control Matrices, and Accreditation Packs.
• Clearance: Active SCClearance is essential due to the nature of the project and the sensitivity of systems involved.

The ideal individual will be a highly credible security assurance professional capable of operating at pace in a high - assurance environment. They will combine strong governance knowledge with hands - on architectural understanding, enabling them to bridge the gap between policy, design, and implementation. This role suits someone who is confident leading security discussions, shaping security deliverables, and ensuring that secure design principles are consistently applied.