Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Ensure security in projects, review documentation, and collaborate with teams for secure solutions.
- Company: Join DCC, a leader in transforming Britain's energy system for a smarter, greener future.
- Benefits: Enjoy hybrid working, personalised benefits, and a supportive work environment.
- Why this job: Make a real impact on data security while growing your career in a collaborative culture.
- Qualifications: Strong experience in security assurance and knowledge of IT frameworks required.
- Other info: DCC values inclusivity and offers support for diverse applicants.
The predicted salary is between 43200 - 72000 £ per year.
London or Manchester (Hybrid working model, 2 days a week office based, 3 days remote)
We’re seeking an experienced and proactive Project Security Assurance Specialist to join our growing Information Security team. In this role, you will work closely with architects, analysts, designers, and project teams to ensure our solutions are secure, compliant, and resilient. Your work will directly impact the protection of customer, employee, and company data, helping to ensure that security is integrated at every stage of our technology and business initiatives.
What will you be doing?
· Provide end-to-end security engagement across a wide variety of business and technical projects
· Attend and contribute to project meetings, offering expert information security guidance
· Review and consult on technical and design documentation (e.g. design documents, network/data flow diagrams)
· Collaborate with Security Architects and delivery teams to implement secure solutions
· Ensure security policies and standards are applied through a hands-on, consultative approach
· Translate technical risk into business-friendly language for a range of audiences
· Scope and support penetration testing and vulnerability assessments, ensuring timely remediation
· Conduct impact assessments in line with Smart Energy Code, GDPR, and internal policy
· Deliver artefacts such as Supplier Security Assessments, Software Security Reviews, and Business Continuity Assessments
· Contribute to the security review of supplier contracts and procurement activities
What are we looking for?
· Strong experience delivering end-to-end security assurance in complex, fast-paced environments
· Broad knowledge of IT and security frameworks, regulations, and best practices (e.g., ISO 27001, DPA, GDPR)
· Familiarity with security tools such as vulnerability scanners, SIEM, DDoS protection, remote access, authentication/authorisation technologies, and data loss prevention
· Understanding of OWASP top vulnerabilities and methodologies
· Technical knowledge of cloud, networking, virtualisation, mobile technologies, and more
· Experience of working with external suppliers, including reviewing security clauses in contracts
· Excellent communication skills – able to articulate risk to technical and non-technical stakeholders
· Self-driven, collaborative, and confident operating both independently and within teams
Desirable Qualifications & Experience:
· Certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Auditor/Implementer
· Knowledge of the NIST Cybersecurity Framework
· Experience with Smart Metering or highly regulated environments
· Familiarity with Cloud Security Controls and Public Key Infrastructure (PKI)
· Understanding of Hardware Security Modules (HSMs)
About the DCC:
At the DCC, we believe in making Britain more connected, so we can all lead smarter, greener lives. That desire to make a difference is what drives us every day and it wouldn’t be possible without our people. Each person at the DCC brings a special kind of power to the business, and if you join us, we’ll give you the means to unleash yours. Here, we depend on each other and hold each other accountable. You have the power to challenge and make change, to take the initiative and enjoy real responsibility. Whether it’s doing purposeful work, helping us grow or building the career you want – we’ll give you the support to do it all. Our secure network for smart meters is transforming Britain’s energy system and helping the country’s fight against climate change: we want you to be part of our journey.
Company benefits:
The DCC’s continued success depends on our people. It’s important to us that you enjoy coming to work, and feel healthy, happy and rewarded. In this role, you’ll have access to a range of benefits which you can choose from to create a personalized plan unique to your lifestyle.
If there are any questions you’d like to ask before applying, please contact stephanie.owen@peregrineresourcing.com or complete your application, so we can learn more about you. Your application will be carefully considered, and you’ll hear from us regarding its progress.
Join the DCC and discover the power of you.
What to do now
Choose ‘Apply now’ to fill out our short application, so that we can find out more about you.
As a Disability Confident member, DCC is committed to ensuring an inclusive and accessible recruitment process. If you require any reasonable adjustments, need a copy of this job advert in an alternative format, or have any other questions you’d like to ask before applying, please contact stephanie.owen@peregrineresourcing.com
Please click here for the Capita statement.
#J-18808-Ljbffr
Project Assurance Security Specialist employer: Smart DCC
Contact Detail:
Smart DCC Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Project Assurance Security Specialist
✨Tip Number 1
Familiarise yourself with the specific security frameworks and regulations mentioned in the job description, such as ISO 27001 and GDPR. This knowledge will not only help you understand the role better but also allow you to engage in meaningful conversations during interviews.
✨Tip Number 2
Network with professionals in the information security field, especially those who have experience in project assurance. Attend relevant meetups or webinars to gain insights and potentially get referrals that could help you land the job.
✨Tip Number 3
Prepare to discuss your experience with security tools and methodologies, particularly those listed in the job description. Be ready to provide examples of how you've applied these in past roles, as this will demonstrate your hands-on expertise.
✨Tip Number 4
Showcase your communication skills by practising how to explain complex security concepts in simple terms. This is crucial for the role, as you'll need to articulate risks to both technical and non-technical stakeholders effectively.
We think you need these skills to ace Project Assurance Security Specialist
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in security assurance, particularly in complex environments. Use specific examples that demonstrate your ability to deliver end-to-end security solutions.
Craft a Compelling Cover Letter: In your cover letter, express your passion for information security and how your skills align with the role. Mention your familiarity with frameworks like ISO 27001 and your experience with security tools, as these are key to the position.
Showcase Communication Skills: Since excellent communication is crucial for this role, provide examples in your application of how you've effectively communicated technical risks to both technical and non-technical stakeholders.
Highlight Relevant Certifications: If you have certifications such as CISSP, CISM, or ISO 27001 Lead Auditor, make sure to include them prominently in your application. These qualifications can set you apart from other candidates.
How to prepare for a job interview at Smart DCC
✨Understand the Role
Make sure you thoroughly understand the responsibilities of a Project Assurance Security Specialist. Familiarise yourself with key concepts like end-to-end security engagement, compliance with GDPR, and the importance of secure solutions in project delivery.
✨Showcase Your Experience
Prepare to discuss your previous experience in delivering security assurance in complex environments. Be ready to provide specific examples of how you've contributed to security in past projects, especially in relation to IT frameworks and regulations.
✨Communicate Effectively
Practice articulating technical risks in a way that non-technical stakeholders can understand. This is crucial for the role, as you'll need to bridge the gap between technical teams and business objectives.
✨Familiarise Yourself with Tools and Frameworks
Brush up on your knowledge of security tools and frameworks mentioned in the job description, such as ISO 27001, OWASP vulnerabilities, and cloud security controls. Being able to discuss these confidently will demonstrate your expertise.