Lead Security Control Assessor

Reference: Lead SCA_1750244344

As a Lead Security Control Assessor, you will be responsible for leading the assessment and evaluation of security controls across systems and processes both on-premise and in the cloud, to ensure they effectively mitigate risks and comply with regulatory and industry standards. You will oversee and conduct security control testing, to verify the design, implementation, and operational effectiveness of controls. In this role, you will work in an agile environment, ensuring the quality of security assessments through thorough testing, automation, and collaboration with cross-functional teams and various stakeholders.

Summary of Primary Responsibilities

  • Design and deliver repeatable testing methodologies to support control assurance testing, including automated testing steps for cloud environments.
  • Ensure control tests are well-planned, including risk identification, sampling, selection of controls, testing methods, and reporting criteria.
  • Lead control testing teams to perform design and operating effectiveness testing of information security controls, including fieldwork, testing, and reporting activities.
  • Provide quality assurance for control testing documentation produced during testing, ensuring accurate and timely completion of all required control testing documentation.
  • Identify and document control deficiencies, including root causes, risk descriptions, consistent issue ratings, and recommendations for improvement.
  • Create and present reports of control testing findings to stakeholders, socialising any findings effectively.
  • Serve as the primary contact with business stakeholders for the control tests you lead, ensuring the quality of control testing engagements and stakeholder communications, including regular status updates.
  • Contribute to the efficiency of the control testing program by ensuring that KPIs are measurable and that testing materials are standardised.

Requirements:

  • A bachelor's degree in computer science, management information systems, relevant field, or equivalent demonstrable experience.
  • 3+ years' experience leading a team of control assessors.
  • 8+ years of experience performing IT Audit or Information Security control assessments, with specific experience in testing cloud security controls.
  • Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent.
  • Knowledge of industry standards and frameworks such as NIST 800-53, ISO 27001/27002, CIS Controls, COBIT.
  • Experience with current automated and manual industry methods for evaluating security controls on-prem and in cloud environments.
  • Capable of communicating complex information in an organised manner, both verbally and in writing.
  • Skilled in utilising stakeholder feedback to improve existing processes and future engagements.
  • Strong relationship management skills, demonstrating commitment to delivering quality results.

    Technical Skills

    • Knowledge of security controls provided by tools such as SailPoint, Rapid7, Wiz.io, MS Defender a plus.
    • Experience with cloud security controls within environments such as AWS and Azure.
    • Experience leveraging automation, data-driven testing techniques and generative AI to gain efficiency in control assurance.
    • Experience creating queries and reports using RSA Archer and ServiceNow.
    • Familiarity with Kanban boards and Jira.

    Desired Competencies:

    • Big 4 accounting experience preferred.
    • Strong knowledge of cybersecurity principles and organisational requirements relevant to confidentiality, integrity, availability, authentication, and non-repudiation.
    • Ability to apply security governance, risk, and control principles.
    • Proficiency in automation and data analytics tools (e.g., Excel, Tableau, Alteryx, and Power BI).
    • Ability to apply critical reading/thinking skills to identify systemic issues from analysing testing data.
    • Ability to facilitate small to medium sized group meetings and communicate complex ideas.
    • Agile working methodology experience.

GCS is acting as an Employment Business in relation to this vacancy.

£450.00 - 480.00
Per day

Nottingham

Contract

Added 18/06/2025
