Back to search
Caraffi Linkedin · Posted 5d ago

Security Assurance Analyst

United Kingdom

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Location: Reading or Dublin – hybrid (2 days a week)

Travel: Occasional travel between sites

Salary & Package: Competitive


A global retail organisation is seeking a Security Assurance Analyst to join its Cyber Security function. This is a permanent role within a growing security team, supporting a major technology transformation and helping to strengthen enterprise‑wide security posture.


This position will play a key role in delivering security assurance across projects, programmes and third‑party suppliers, ensuring that security controls, documentation and governance processes are consistently applied.


What You’ll Do

  • Support the assurance team in conducting project security reviews across major technology initiatives
  • Maintain key assurance repositories including supplier registers and project assurance lists
  • Coordinate penetration testing logistics and ensure required documentation is completed to the right standard
  • Validate that security controls are implemented and compliant prior to go‑live
  • Support third‑party assurance reviews for new and existing suppliers
  • Populate and maintain the Third‑Party Risk Management tool, ensuring data accuracy and completeness
  • Collate and track third‑party documentation (SOC, PCI, ISO 27001 etc.) and flag outdated reports
  • Work with the Risk Management team to ensure third‑party risks are accurately reflected in the GRC platform
  • Contribute to continuous improvement of security assurance processes and governance


What You’ll Bring

  • Knowledge of GRC platforms and TPRM modules
  • Understanding of Waterfall and Agile delivery methodologies and security‑by‑design principles
  • Familiarity with penetration testing approaches and remediation guidance
  • Strong analytical skills and high attention to detail
  • Knowledge of security frameworks such as ISO 27001 and NIST
  • Understanding of GDPR, PCI and how regulations influence project requirements
  • Ability to assess third‑party risk based on service scope, posture and supporting evidence
  • Awareness of key certifications (ISO 27k, Cyber Essentials) and their relevance
  • Strong organisational skills with the ability to analyse and present data clearly
  • Minimum 3 years’ experience in an information security role with a focus on assurance
  • Relevant degree or equivalent professional qualification


Desirable Experience

  • Experience supporting security accreditation programmes (ISO 27001, PCI, Cyber Essentials)
  • Exposure to data analytics tools such as Power BI
  • Experience working with GRC tools such as OneTrust
  • Ability to communicate clearly with stakeholders across technology and business teams
  • Proactive mindset with the ability to work independently and manage multiple priorities


Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent