At a Glance
- Tasks: Support secure systems and manage cyber risk in a high-impact role.
- Company: Join a leading defence programme focused on information assurance.
- Benefits: Competitive inside-IR35 rate and work with experienced professionals.
- Other info: Engage with technical and senior stakeholders in a dynamic, secure environment.
- Why this job: Make a real difference in securing critical systems and enhancing cyber resilience.
- Qualifications: Active DV clearance and strong experience in Information Assurance and risk management.
The predicted salary is between 60000 - 80000 € per year.
We’re looking for a DV‑cleared Information Assurance Engineer to strengthen assurance capability across a critical defence programme. This is a delivery‑focused role working at the heart of secure systems, helping to close assurance gaps, manage cyber risk, and ensure systems are secure, compliant, and accreditation‑ready.
You’ll work alongside Security Leads, system owners, and enterprise stakeholders to support Secure by Design, manage risk arising from ST&V and CSF assessments, and drive POA&M‑led remediation across the estate.
What You’ll Be Doing
- Supporting Secure by Design (SbD) documentation uplift across prime and supplier environments
- Validating security control compliance using CSF tracker maturity assessments
- Identifying, documenting, and articulating assurance gaps and observations
- Conducting risk assessments for control deficiencies arising from:
- ST&V failures
- CSF maturity shortfalls
- Creating and maintaining Risk Detail Records (RDRs) in line with JSP 892
- Managing and tracking POA&Ms, ensuring clear ownership, timelines, and evidence‑based closure
- Supporting compliance activities aligned to:
- Secure by Design
- NIST RMF
- NIST CSF v2.0
- Reviewing and uplifting system assurance documentation, including:
- System Operating Procedures (SyOPs)
- Codes of Connection (CoCo)
- Supporting cyber resilience and incident preparedness, including:
- Incident response playbooks
- Tabletop Exercises (TTX) and post‑exercise assurance capture
What We’re Looking For
- Active DV clearance
- Strong experience in Information Assurance / Cyber Security Assurance / GRC
- Proven background in risk management, POA&M remediation, and assurance governance
- Working knowledge of:
- NIST RMF / NIST CSF
- Secure by Design principles
- Defence assurance environments
- Comfortable working on‑site in a secure facility
- Clear communicator, able to engage with technical and senior stakeholders
Why Apply
- High‑impact role on a sensitive, high‑profile programme
- Clear scope, strong governance, and meaningful assurance work
- Competitive inside‑IR35 rate reflecting DV clearance and on‑site delivery
- Work with experienced security and delivery professionals
Information Assurance Engineer in Huntingdon employer: Carbon60
As an employer, we pride ourselves on fostering a collaborative and dynamic work environment where our Information Assurance Engineers can thrive. With a focus on professional development and a commitment to high-impact projects within the defence sector, we offer competitive remuneration and the opportunity to work alongside seasoned experts in cyber security. Our culture emphasises innovation, integrity, and the importance of securing critical systems, making it a rewarding place for those passionate about making a difference in national security.
StudySmarter Expert Advice🤫
We think this is how you could land Information Assurance Engineer in Huntingdon
✨Tip Number 1
Network like a pro! Reach out to professionals in the Information Assurance field on LinkedIn or at industry events. We can’t stress enough how important it is to make connections that could lead to job opportunities.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of NIST RMF and Secure by Design principles. We recommend practising common interview questions related to risk management and assurance governance to show you’re the right fit.
✨Tip Number 3
Don’t just apply anywhere; focus on roles that align with your skills and interests. Use our website to find positions that match your expertise in cyber security assurance and risk management, making your application stand out.
✨Tip Number 4
Follow up after interviews! A quick thank-you email can go a long way in keeping you top of mind. We believe showing appreciation for the opportunity can set you apart from other candidates.
We think you need these skills to ace Information Assurance Engineer in Huntingdon
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Information Assurance Engineer role. Highlight your experience with risk management, compliance, and any relevant frameworks like NIST RMF or CSF. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about information assurance and how your background makes you a perfect fit for our team. Don’t forget to mention your DV clearance – it’s a big plus for us!
Showcase Your Communication Skills:As a clear communicator, you’ll need to engage with both technical and senior stakeholders. In your application, give examples of how you've successfully communicated complex information in the past. We love seeing those skills in action!
Apply Through Our Website:We encourage you to apply through our website for the best chance of getting noticed. It’s straightforward and ensures your application goes directly to us. Plus, we can’t wait to see what you bring to the table!
How to prepare for a job interview at Carbon60
✨Know Your Stuff
Make sure you brush up on your knowledge of Information Assurance and Cyber Security. Familiarise yourself with NIST RMF and CSF, as well as Secure by Design principles. Being able to discuss these topics confidently will show that you're serious about the role.
✨Prepare for Scenario Questions
Expect questions that ask you to demonstrate how you've handled risk management or assurance governance in the past. Think of specific examples where you identified assurance gaps or managed POA&Ms. Use the STAR method (Situation, Task, Action, Result) to structure your answers.
✨Engage with Stakeholders
Since the role involves working with various stakeholders, practice how you'll communicate complex security concepts clearly. Be ready to explain how you would engage with both technical teams and senior management, ensuring everyone is on the same page regarding security compliance.
✨Show Your Passion for Cyber Resilience
Demonstrate your enthusiasm for cyber resilience and incident preparedness. Discuss any experience you have with incident response playbooks or tabletop exercises. Showing that you care about not just compliance but also proactive security measures can set you apart from other candidates.
