Security Assurer

We are seeking an experienced DV-cleared Security Assurer to support the delivery of a secure, accredited infrastructure aligned to FCAS (Future Combat Air System) cyber requirements and Air Sector architecture processes.

This role is central to ensuring security assurance is embedded throughout the delivery lifecycle, working closely with architects, engineers, and testing teams within a highly regulated and mission-critical environment.

• Own and manage project security risk registers, ensuring risks are clearly articulated, tracked, and escalated where required.
• Validate compliance with security policies, standards, and control baselines.
• Review control effectiveness against internal assurance baselines and external assurance outcomes.
• Contribute to Operational Readiness Reviews and assurance working groups.

• Coordinate and oversee penetration testing activities, ensuring scope, execution, and reporting meet programme requirements.
• Review penetration test results, manage findings through the security risk register, and ensure timely remediation.
• Validate configuration and closure of open test findings.
• Support and validate SAST / DAST activities and remediation outcomes.
• Ensure secure configurations, libraries, and dependencies are in place and maintained.

• Track vendor patching and maintain security accreditation and assurance evidence.
• Package and manage security artefacts and deliverables for sharing with FCAS Security.
• Ensure all assurance activities are fully documented to support knowledge transfer and continuity.
• Support secure-by-design activities through design reviews and security requirement analysis.
• Collaborate across cyber pillars, including Digital Engineering and wider security stakeholders.
• Attend and facilitate assurance forums and working groups as required.

• Proven experience in a Security Assurer / Security Compliance / Assurance role within complex environments.
• Strong understanding of security risk management, compliance validation, and assurance frameworks.
• Hands-on experience coordinating penetration testing and managing remediation.
• Familiarity with secure configuration, vulnerability management, and control baselines.
• Experience working in defence, aerospace, or highly regulated sectors.
• Strong documentation and stakeholder engagement skills.

DV clearance is mandatory and must be current and transferable.