SC Cleared Cyber Security Assurance Lead
We are seeking an experienced SC‑cleared Cyber Security Assurance Lead to oversee and drive the Security by Design (SbD) workstream for a major assurance process project. This role requires deep expertise in security governance, cloud architecture assurance, and security control frameworks, with the ability to work closely with client stakeholders to ensure that all SbD requirements, artefacts, and controls are correctly identified, implemented, and evidenced throughout the project lifecycle.
The position involves guiding multidisciplinary teams, shaping security deliverables, and ensuring that solutions meet both organisational policy and industry best‑practice standards.
Key Responsibilities:
Lead the Security by Design (SbD) Workstream:
Own and lead the end‑to‑end Security by Design assurance process across all project phases.
Determine the required SbD artefacts, ensuring they align with organisational security policies and relevant regulatory requirements.
Provide structured guidance and oversight to project teams, architects, and engineers to embed secure design principles from inception through to delivery.
Ensure all security risks, deviations, and design decisions are captured, assessed, and appropriately governed.
Stakeholder Engagement & Governance:
Work collaboratively with client security, architecture, risk, and delivery stakeholders to gather information, validate assumptions, and ensure clear alignment with security expectations.
Facilitate security reviews, design walkthroughs, and risk assessments.
Communicate complex security concepts in a clear and actionable manner to both technical and non‑technical audiences.
Assurance & Compliance:
Conduct detailed assessments of proposed architectures and solutions against NIST 800‑53 security controls, identifying control gaps and required mitigations.
Review and validate solution designs against cloud security best practices, crypto standards, and cross‑domain security principles.
Ensure traceable mapping of security requirements to design artefacts, test evidence, and governance documentation.
Support accreditation, risk management processes, and preparation of formal assurance evidence.
Required Skills & Experience:
Strong working knowledge of NIST 800‑53 controls and their application to enterprise and government‑grade systems.
Cloud security architecture expertise, with the ability to review and challenge designs across AWS, Azure, and hybrid architectures.
In‑depth understanding of cryptographic principles, encryption standards, key management, and secure protocol design.
Knowledge of cross‑domain solutions, data flows, and security boundary controls.
Security Leadership
Demonstrated experience leading Security by Design or Secure Architecture Assurance activities in complex environments.
Ability to influence, challenge, and guide technical teams to ensure secure outcomes.
Experience producing and reviewing key artefacts such as Threat Models, Security Architecture Designs, Risk Assessments, Control Matrices, and Accreditation Packs.
Clearance
Active SC Clearance is essential due to the nature of the project and the sensitivity of systems involved.
Ideal Candidate Profile:
The ideal individual will be a highly credible security assurance professional capable of operating at pace in a high‑assurance environment. They will combine strong governance knowledge with hands‑on architectural understanding, enabling them to bridge the gap between policy, design, and implementation. This role suits someone who is confident leading security discussions, shaping security deliverables, and ensuring that secure design principles are consistently applied.
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)