Civica US

Cyber Assurance Specialist

full-time

Location Type: Hybrid

Location: London • 🇬🇧 United Kingdom

Job Level

Mid-Level, Senior

Tech Stack

Cloud, Cyber Security

About the role

  • Curate and maintain internal knowledge bases and external Trust Centre articles.
  • Ensure content is accurate, accessible, and aligned with current cyber policies and standards.
  • Collaborate with subject matter experts to update documentation in response to regulatory or operational changes.
  • Assist in the development, review, and maintenance of cyber security policies and procedures.
  • Support the Head of Cyber Governance in maintaining and improving ISO 27001 controls and other compliance frameworks (e.g., NIST, CIS).
  • Support risk identification, assessment, and reporting, collaborating with risk owners and business units.
  • Prepare and coordinate evidence for internal and external audits.
  • Conduct assurance activities against ISO 27001 and other relevant standards.
  • Maintain audit trails and track remediation of findings.
  • Proactively suggest improvements to controls and processes based on lessons learnt.
  • Respond to customer security questionnaires and due diligence requests.
  • Support supply chain assurance activities, including supplier risk assessments and documentation.
  • Maintain a repository of standard responses and evidence for reuse.
  • Assist in the development and rollout of security training materials for staff.
  • Support the planning and execution of phishing simulations and cyber awareness campaigns.
  • Track engagement and effectiveness of awareness initiatives through metrics and reporting.
  • Assist with incident response documentation and post-incident reviews.
  • Develop and maintain Cyber SharePoint sites to ensure content is current and well-organised.
  • Ensure documentation is version-controlled and accessible to relevant stakeholders.
  • Support the adoption and optimisation of GRC/assurance tooling (e.g., Microsoft Purview, OneTrust).
  • Proactively identify and recommend improvements to controls, processes, and training.
  • Build strong relationships with stakeholders across the business, IT, and external partners to ensure alignment and effective communication.

Requirements

  • Extensive knowledge of cyber security governance, risk management, and compliance principles, practices, and technologies (ISO 27001, NIST, CIS, GDPR).
  • Strong analytical and problem-solving skills to address complex security challenges and incidents.
  • Excellent communication and interpersonal skills to collaborate effectively with various departments and senior leadership.
  • Awareness of cloud security principles and controls.
  • Strong written communication skills, with experience in technical writing or documentation.
  • Working knowledge of ISO 27001 and other cyber security standards.
  • Experience supporting audits or compliance activities.
  • Familiarity with SharePoint or similar content/document management platforms.
  • Ability to manage multiple tasks and prioritise effectively.
  • Experience in a cyber assurance, governance, or compliance role.
  • Understanding of data protection regulations (e.g., GDPR).
  • Experience with phishing simulation platforms and awareness tools.
  • Knowledge of risk management and supplier assurance processes.
  • Experience in Microsoft Purview, UpGuard, or similar tools.
  • Basic scripting or automation skills (desirable).
  • Minimum three years’ experience in cyber security, with at least two years in a GRC consultancy or assurance role.
  • Certifications (Desirable): CompTIA Security+, SSCP, CISA, ISO 27001 Lead Implementer/Auditor, or similar.
  • Sector Experience (Desirable): Experience in regulated sectors (public sector, health, finance) is a plus.

Benefits

  • 25 Days Annual Leave + bank holidays – plus the option to buy up to 10 extra days!
  • Days of Difference – Up to 3 extra days off for volunteering.
  • Pension Contributions – 5% employer match to support your future.
  • Income Protection – Up to 75% salary cover for long-term illness.
  • Life Assurance – 4x salary tax-free lump sum.
  • Critical Illness Cover – £25,000 lump sum (extendable to dependents).
  • Private Medical Insurance – Fast access to private healthcare.
  • Health Cash Plan – Claim back physio, therapies & more.
  • Dental Insurance – Cover for routine & emergency care.
  • Affinity Groups – Join employee-led communities.
  • Bounty Bonus – Refer a friend & get rewarded.

Applicant Tracking System Keywords

Hard skills
cyber security governance, risk management, compliance principles, ISO 27001, NIST, CIS, GDPR, technical writing, phishing simulation, data protection regulations
Soft skills
analytical skills, problem-solving skills, communication skills, interpersonal skills, collaboration, prioritization, relationship building, training development, reporting, suggesting improvements
Certifications
CompTIA Security+, SSCP, CISA, ISO 27001 Lead Implementer, ISO 27001 Auditor