At a Glance
- Tasks: Support secure systems and manage cyber risk in a critical defence programme.
- Company: Join a leading organisation focused on national security and innovation.
- Benefits: Competitive pay, professional growth, and the chance to work with top security experts.
- Other info: Engage with experienced professionals and contribute to high-profile projects.
- Why this job: Make a real impact on national security while developing your skills in a dynamic environment.
- Qualifications: DV clearance and experience in Information Assurance or Cyber Security required.
The predicted salary is between 60000 - 80000 € per year.
We’re looking for a DV‑cleared Information Assurance Engineer to strengthen assurance capability across a critical defence programme. This is a delivery‑focused role working at the heart of secure systems, helping to close assurance gaps, manage cyber risk, and ensure systems are secure, compliant, and accreditation‑ready.
You’ll work alongside Security Leads, system owners, and enterprise stakeholders to support Secure by Design, manage risk arising from ST&V and CSF assessments, and drive POA&M‑led remediation across the estate.
What You’ll Be Doing
- Supporting Secure by Design (SbD) documentation uplift across prime and supplier environments
- Validating security control compliance using CSF tracker maturity assessments
- Identifying, documenting, and articulating assurance gaps and observations
- Conducting risk assessments for control deficiencies arising from:
- ST&V failures
- CSF maturity shortfalls
- Creating and maintaining Risk Detail Records (RDRs) in line with JSP 892
- Managing and tracking POA&Ms, ensuring clear ownership, timelines, and evidence‑based closure
- Supporting compliance activities aligned to:
- Secure by Design
- NIST RMF
- NIST CSF v2.0
- Reviewing and uplifting system assurance documentation, including:
- System Operating Procedures (SyOPs)
- Codes of Connection (CoCo)
- Supporting cyber resilience and incident preparedness, including:
- Incident response playbooks
- Tabletop Exercises (TTX) and post‑exercise assurance capture
What We’re Looking For
- Active DV clearance
- Strong experience in Information Assurance / Cyber Security Assurance / GRC
- Proven background in risk management, POA&M remediation, and assurance governance
- Working knowledge of:
- NIST RMF / NIST CSF
- Secure by Design principles
- Defence assurance environments
- Comfortable working on‑site in a secure facility
- Clear communicator, able to engage with technical and senior stakeholders
Why Apply
- High‑impact role on a sensitive, high‑profile programme
- Clear scope, strong governance, and meaningful assurance work
- Competitive inside‑IR35 rate reflecting DV clearance and on‑site delivery
- Work with experienced security and delivery professionals
Information Assurance Engineer employer: Carbon60
As an employer, we pride ourselves on fostering a collaborative and secure work environment where our Information Assurance Engineers can thrive. With a focus on professional development and a commitment to high-impact projects within the defence sector, we offer competitive rates and the opportunity to work alongside seasoned experts in cyber security. Our culture emphasises clear communication and teamwork, ensuring that every employee feels valued and empowered to contribute to critical national security efforts.
StudySmarter Expert Advice🤫
We think this is how you could land Information Assurance Engineer
✨Tip Number 1
Network like a pro! Reach out to professionals in the Information Assurance field on LinkedIn or at industry events. We can’t stress enough how valuable personal connections can be in landing that dream job.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of NIST RMF and Secure by Design principles. We recommend practising common interview questions related to risk management and assurance governance to show you’re the right fit.
✨Tip Number 3
Don’t just apply anywhere; focus on roles that align with your skills and interests. Use our website to find positions that match your expertise in Information Assurance and Cyber Security. We’ve got plenty of opportunities waiting for you!
✨Tip Number 4
Follow up after interviews! A quick thank-you email can go a long way in making a lasting impression. We believe showing appreciation for the opportunity can set you apart from other candidates.
We think you need these skills to ace Information Assurance Engineer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Information Assurance Engineer role. Highlight your experience with risk management, compliance, and any relevant frameworks like NIST RMF or CSF. We want to see how your skills align with what we’re looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about information assurance and how your background makes you a perfect fit for our team. Don’t forget to mention your DV clearance – it’s a big plus for us!
Showcase Relevant Projects:If you’ve worked on projects that involved Secure by Design principles or cyber resilience, make sure to include them in your application. We love seeing real-world examples of how you’ve tackled challenges similar to those we face at StudySmarter.
Apply Through Our Website:We encourage you to apply through our website for the best chance of getting noticed. It’s super easy, and you’ll be able to keep track of your application status. Plus, we love seeing candidates who take the initiative to connect with us directly!
How to prepare for a job interview at Carbon60
✨Know Your Stuff
Make sure you brush up on your knowledge of Information Assurance and Cyber Security. Familiarise yourself with NIST RMF, NIST CSF, and Secure by Design principles. Being able to discuss these topics confidently will show that you're serious about the role.
✨Showcase Your Experience
Prepare specific examples from your past work that demonstrate your experience in risk management and POA&M remediation. Use the STAR method (Situation, Task, Action, Result) to structure your answers, making it easy for interviewers to see your impact.
✨Engage with Stakeholders
Since this role involves working with various stakeholders, practice how you'll communicate complex security concepts to both technical and non-technical audiences. Think about how you can make your points clear and relatable.
✨Prepare for Scenario Questions
Expect scenario-based questions that test your problem-solving skills in real-world situations. Think through potential challenges you might face in the role and how you would address them, especially around assurance gaps and compliance activities.
