Location: Reading (3 days per week onsite)
Duration: 6-month initial contract
Rate: £107ph UMB (Inside IR35)
Note: active SC required!
Role details:
As the IT Assurance Lead for a major defence aerospace programme, you will be responsible for assuring the security of applications, infrastructure, and cloud environments across their full lifecycle.
You will provide independent assurance to the programme, the customer and programme stakeholders, ensuring all solutions are designed, delivered, and operated in line with the Security by Design framework and applicable standards.
You will lead IT assurance activity across projects, embed security early in delivery, and ensure compliance with defined processes and customer requirements. This is a hands-on leadership role combining assurance, security design review, risk management, and stakeholder engagement.
Key Responsibilities:
- Security by Design & Compliance -
- Assure applications, infrastructure, and cloud services throughout their lifecycle in line with the Security by Design framework.
- Ensure compliance with relevant standards, including ISO 44001, NIST 800-53, 800-171, 800-172, NIS2, DEFSTAN, and JSPs.
- Secure Development & Design Assurance -
- Define, maintain, and enforce secure development guidelines.
- Work with development and security teams to embed security requirements and controls into solutions.
- Assure technical mitigations for vulnerabilities in development and production.
- Monitoring & Continuous Assurance -
- Provide ongoing assurance of infrastructure and cloud environments against defined standards and procedures.
- Ensure controls remain effective through change and operational use.
- Risk Management -
- Identify, assess, and manage security risks.
- Recommend tactical and strategic improvements aligned to best practice.
- Leadership & Collaboration -
- Act as the IT assurance lead across the programme.
- Work closely with PMO, development, operations, security teams, customers, and suppliers to deliver secure outcomes.
- Continuous Improvement -
- Drive security and assurance improvements across the GCAP programme.
- Promote a strong assurance and compliance culture.
Skills and Experience Required:
- Proven experience in IT assurance within a complex, regulated environment (e.g. defence, critical national infrastructure, or similar).
- Strong practical experience applying major IT assurance and security frameworks and standards (ISO, NIST, NIS2, DEFSTAN, JSP).
- Demonstrated experience implementing Security by Design across the full delivery lifecycle.
- Experience assuring infrastructure, cloud, and application security controls.
- Strong risk assessment, issue management, and decision‑making skills.
- Able to work effectively across technical, delivery, and programme teams.
- Confident engaging customers and senior stakeholders.
Personal Attributes:
- Clear and confident communicator.
- Highly organised, with the ability to manage multiple priorities in parallel.
- Proactive, pragmatic, and delivery‑focused.
Location:
- Reading, with hybrid/flexible working where appropriate.
- Travel to customer or supplier sites may be required.
Interested? Apply today via the link provided!