Security Assurance Analyst in Abingdon

On behalf of UK Industrial Fusion Solutions (UKIFS), we are looking for a Security Assurance Analyst (Inside IR35) for a 10-month contract, working on a hybrid basis in Abingdon, Oxfordshire.

Role Summary

The Security Assurance Analyst is responsible for supporting the planning, coordination, and delivery of security assurance activities across projects, services, and suppliers. The role ensures that security requirements are correctly interpreted, implemented, and evidenced, enabling systems to meet organisational, regulatory, and compliance expectations. This position acts as a key link between delivery teams, security specialists, suppliers, and governance functions.

Main Responsibilities

• Security Assurance Delivery: Coordinate and track security assurance activities throughout project life cycles (e.g., design reviews, risk assessments, testing, accreditation) in accordance with Cyber Assurance Framework and Secure by Design.
• Maintain and manage security assurance documentation, including risk logs, action trackers, and evidence repositories.
• Support the production and review of Security Assurance Reports (SARs), Risk Treatment Plans (RTPs), and compliance submissions.
• Ensure all required assurance artefacts are completed to the correct quality and delivered on schedule.

• Governance, Risk & Compliance: Assist with assessing compliance against organisational security policies, standards, and frameworks (e.g., ISO 27001, NIST, government classifications).
• Support risk identification, tracking, and escalation processes.
• Monitor closure of vulnerabilities, findings, and non-compliances across suppliers and internal teams.

• Stakeholder Coordination: Act as a liaison between security architects, engineers, project managers, suppliers, and operational teams.
• Facilitate workshops, reviews, and checkpoints related to security design and assurance.
• Ensure stakeholders understand assurance requirements and deliverables.

• Supplier & Third Party Assurance: Assist with collecting and reviewing supplier security evidence (e.g., penetration test results, configuration baselines, audit reports).
• Support third party assessments and onboarding checks.
• Track remediation and ensure suppliers meet contracted security obligations.

• Reporting & Documentation: Produce regular progress updates, dashboards, and metrics for security assurance activities.
• Maintain accurate records of security decisions, exceptions, and risk treatments.
• Ensure documentation reflects current system configurations and risk positions.

Essential:

• Experience working within information security, compliance, risk management, or a related assurance role.
• Understanding of security frameworks (e.g., ISO 27001, NIST CSF, Cyber Essentials, government security classifications).
• Strong organisational and coordination skills, with the ability to manage multiple assurance activities.
• Ability to interpret technical information and translate it into clear assurance actions or risks.
• Excellent communication skills with the ability to engage technical and non-technical audiences.

Desirable:

• Knowledge of secure-by-design practices and security governance processes.
• Experience working in regulated, government, or critical national infrastructure environments.
• Familiarity with vulnerability management, security testing, or audit processes.
• Understanding of risk management methodologies.

Please be aware that this role can only be worked within the UK and not Overseas. In applying for this role, you acknowledge the following: this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such, the payment to the intermediary and your income resulting from this contract will be different.