Rodeo
ResourcesPartnersSign in

TalentHawk

Information Security Assurance Analyst

Portsmouth
Posted about 17 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Role Overview

Perform a threat modelling exercise of all projects and provide mitigating cyber security requirements to help ensure the secure delivery of compliant systems, applications and business processes.

Review both high/low level architecture definition documents for compliance against security policies, standards and regulatory requirements, defining Cyber non-functional requirements.

Attend Technical Design Authority (TDA) meetings to provide security signoffs.

Work within the Security Assurance team consisting of security assurance analysts/consultants providing thought leadership across several assurance functions, and helping smooth engagements with project delivery teams.

Perform cyber security risk assessments, compliance checks, audits and reviews to ensure that appropriate security controls are in place and highlight any deficiencies and gaps for management consideration.

Provide support in scoping and overseeing pen tests and re-tests. Review recommendations and collaborate with the relevant teams to support remediation efforts.

Provide cyber security assurance activities by ensuring implemented solutions are a replica of agreed and approved architecture definition documents, helping to facilitate penetration testing, whilst providing security advice and guidance.

Support to management, BAU, and projects to comply with legal and regulatory requirements.

Where required, propose solutions and coordinate delivery of mitigating actions to ensure risk levels are aligned with risk appetite.

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

Perform compliance checks to ensure Cyber Security controls are operating as designed.

Ensure security assurance processes and procedures are followed and evidence retained for regulatory and audit purposes.

Support continued service improvement activities.

Provide relevant updates to monthly CNI and governance forums.

Provide relevant input to security reports to execs, shareholders, and the board.

Support regulatory reporting.

Support regulatory inspections, internal and external audits, and remediation of findings.

Ensure identified issues and risks resulting from security assurance activities are appropriately managed, providing visibility to senior leaders of high-risk areas.

Support the CISO and wider cyber management team.

Build and maintain relationships with key stakeholders, including the PMO and delivery teams, IT Operations, product groups, Architecture, and third-party security providers.

What You'll Bring

  • The individual should be educated to degree level in a relevant discipline.
  • Must be CISM/CISSP/CCSP/TOGAF/CRISC/AWS Solution Architect or equivalent certified or willing to undergo certification on the job.
  • Must have Security Clearance or be eligible for security clearance.
  • Must have experience in Cloud (IaaS, PaaS, SaaS).
  • Must have proven expertise in three of the following security areas: identity and access management, network security, end-user security, threat modelling, Security Risk and Compliance, penetration testing.
  • Must have at least 3 years’ cyber security experience.
  • Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC CAF, NIST Framework, ISO 27001, ISO27005, IEC62443, etc.
  • Good understanding of Cyber Assurance Framework and experience with working with Regulators and providing compliance updates.

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

Skills That Will Help You In The Role

  • Knowledge and experience on IT Auditing/Control testing, IT Information Security, and IT generic computing controls.
  • Knowledge of technology risk and controls including relevant tools and techniques.
  • Knowledge of key areas in technology risk, including operations, change, security, resilience at both application and infrastructure layers.
  • The suitable candidate must be a highly motivated individual.
  • A proven track record as a cyber security subject matter expert in this or other organizations is a prerequisite requirement.
  • The role will require a significant attention to detail and ability to work with both a strategic, Director level, as well as working with subject matter experts on detailed design issues and application, integration, and data modelling.
  • The successful candidate will be required to be an excellent communicator and not averse to dealing with conflict management and decision making on a regular basis.
  • Desirable experience in Vulnerability Assessment and Management, Cloud Security Architecture, Application Security, Security Operations Centre and Investigations, Incident Management, and Security Engineering.
Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Threat Modelling
Cyber Security
Risk Assessments
Compliance Checks
Penetration Testing
Security Policies
Cloud Security
Identity and Access Management
Network Security
End User Security
Security Risk and Compliance
IT Auditing
Security Engineering
Incident Management
Security Operations Centre
Vulnerability Assessment

Location

Portsmouth, England, United Kingdom

Sign up to applySee more jobs like this