Role: Cyber Security Assurance Specialist REF 100899
Contract Length: Until 18/12/2026
Location: Hybrid/Reading – Culham, 2-3 days per week on site
IR35: Inside
Pay Rate to Intermediary: £55 per hour
Security Clearance: SC requested
Spinwell is recruiting for a Cyber Security Assurance Specialist for an excellent opportunity within the public sector.
RESPONSIBILITIES OF THE CYBER SECURITY ASSURANCE SPECIALIST
This is a cross-functional role with both advisory and hands-on responsibilities, focusing on security assurance, risk management and supporting architecture reviews, vulnerability management, risk assessments, cyber defence posture, driving technical assurance, and embedding risk-aligned security controls across IT and OT systems and secure-by-design practices.
You will work across hybrid environments including cloud, infrastructure, applications, and OT systems.
You will be responsible for reviewing and advising on security architecture patterns, reviewing and maintaining risk registers, leading assurance assessments, and embedding security controls across infrastructure and platforms.
You will also guide teams in applying secure-by-design principles and support both internal audit and external compliance efforts including Gov Assure, CAF, ISO 27001, and Cyber.
SKILLS/EXPERIENCE OF THE CYBER SECURITY ASSURANCE SPECIALIST
- Demonstrable experience in designing and implementing secure infrastructure or cloud architectures.
- Proven experience with risk assessment methodologies and maintaining enterprise risk registers.
- Working knowledge of risk assessment methodologies (e.g. ISO 31000, FAIR, OWASP risk rating).
- Strong understanding of Gov Assure, CAF, ISO 27001, Cyber Essentials, and NIST frameworks.
- Experience conducting or supporting security audits and implementing remediation plans.
- Proficiency in assessing and securing platforms such as Entra ID (Azure AD), Microsoft 365 E5, Azure IaaS/PaaS, Windows/Linux/Unix.
- Strong knowledge of security tooling such as SIEM, endpoint detection (EDR/XDR), and vulnerability management platforms.
- Hands-on experience with policy development, access control models (RBAC, ABAC), and logging standards.
- Experience supporting assurance activities or government-mandated reviews (e.g. GovAssure, Secure by Design).
- Knowledge of Incident Management, Vulnerability Assessments, SIEM & SOC Systems.
- Familiarity with ITSM workflows and change control procedures
- Experience designing or reviewing secure software supply chain and CI/CD security.
- Ability to interpret CVEs, CVSS scores, and threat intelligence feeds.
- Strong stakeholder engagement and communication skills with an ability to produce technical reports and articulate risk to non-specialists.
- Excellent written and verbal communication skills with the ability to present to senior stakeholders.
If you are a Cyber Security Assurance Specialist, apply now or send your CV to Spinwell!
We welcome all applications regardless of background, in line with our commitment to diversity, equality and inclusion.
Applying to this or any other vacancy advertised by Spinwell Ltd constitutes an agreement for Spinwell Ltd to hold your details for 24 months for the purpose of assessing suitability for the advertised position and to make you aware of any other positions deemed suitable of which You will make you aware by means of either email, text or phone. In line with GDPR regulations you are able to request your details be removed from the company data at any time by emailing us