- Company Name
- Pearson Whiffin Recruitment
- Job Title
- Security Engineer
- Job Description
-
Job title: Security Engineer
Role Summary:
A Security Assurance Engineer responsible for identifying, documenting, and mitigating risks across projects, products, and systems. The role supports compliance with national and industry standards, produces actionable assurance reports, and collaborates with engineering, architecture, and risk teams to embed security controls throughout the system lifecycle.
Expectations:
- Hold active Security Clearance (SC/DV).
- Deliver high‑quality assurance reports to technical and non‑technical stakeholders.
- Support accreditation and audit processes through meticulous documentation.
- Maintain a proactive, detail‑oriented approach to meet rigorous security standards.
Key Responsibilities:
- Conduct security assurance activities for projects, products, and systems.
- Perform risk assessments, security reviews, and compliance checks against NCSC, ISO 27001, JSP 440, and related frameworks.
- Produce clear, concise assurance reports with actionable insights.
- Work closely with engineering, architecture, and risk management teams to embed robust security controls.
- Maintain documentation and evidence to support accreditation and audit processes.
Required Skills:
- Active SC / DV security clearance.
- Proven experience in Security Assurance, Information Assurance, or Cyber Risk Management.
- Strong understanding of security frameworks (NIST, ISO 27001, MoD JSPs, CAF, etc.).
- Proficiency in cloud, network, or application security principles.
- Excellent reporting, documentation, and communication skills.
- Analytical thinking with a detail‑oriented, proactive mindset.
Required Education & Certifications:
- Bachelor’s degree in Computer Science, Cyber Security, Information Assurance, or equivalent.
- Relevant certifications such as CISSP, CISM, ISO 27001 Lead Auditor, or equivalent preferred.