Job Details

Role Requirements

Role Requirement 1: Governance, Policy & Framework Support
Support the maintenance and continuous improvement of information security policies, procedures, standards, and supporting documentation.
Assist with embedding security governance requirements into ICT and business processes, ensuring alignment with organisational objectives.
Support security frameworks (e.g. ISO 27001, ISO 27701, NIST or equivalent) by maintaining documentation, registers, and evidence.
Track and report on actions arising from governance forums, audits, and reviews.

Role Requirement 2: Risk Management, Assurance & Compliance
Support the delivery of cyber security risk assessments, including risk identification, documentation, and tracking of treatment actions.
Maintain risk registers, action logs, and assurance artefacts in line with agreed risk management processes.
Assist with control assurance activities, validating that controls are implemented and operating effectively, and gathering supporting evidence.
Provide operational support for internal and external audits, including evidence collection, documentation review, coordination with stakeholders, and tracking audit findings through to closure.
Support escalation and reporting of overdue or high-risk issues to senior security and governance forums.

Role Requirement 3: Penetration Testing & Security Assessment Support
Support the coordination and management of penetration testing and security assessments, including scoping, scheduling, and stakeholder engagement.
Assist with validation, documentation, prioritisation, and risk contextualisation of findings.
Track remediation actions arising from penetration tests and assessments, working with Security Operations, ICT teams, suppliers, and other stakeholders within the business.
Support follow-up testing and formal closure of findings.

Role Requirement 4: Operational Security Support & Cross-Team Collaboration
Provide cross-cover for Security Operations activities when required, including assisting with incident response, evidence gathering, and reporting.
Support vulnerability, patch, and control assurance activities by validating remediation status and providing governance oversight.
Contribute governance and risk input during incidents, projects, and significant changes.
Collaborate closely with Operations-focused analysts to ensure alignment between control design, implementation, operation, and assurance.

Required Experience
Minimum 1 year experience in cyber security, ICT governance, risk, compliance, audit, or a related ICT role.
Understanding of information security governance concepts, including risk management, controls, and assurance.
Understanding of networking fundamentals, operating systems (Windows/Linux), and security concepts.
Awareness of security regulation, frameworks and standards such as NIS2, ISO 27001, NIST, or similar.
Strong documentation, organisation, and attention-to-detail skills.
Strong analytical and troubleshooting skills with the ability to prioritise operational security issues.
Clear written and verbal communication skills, particularly when documenting incidents or explaining technical issues to non-technical stakeholders.

Desirable
Experience supporting security awareness or phishing simulation platforms.
Exposure to public sector or regulated environments.
Experience working with third-party suppliers or managed security services.

Qualifications
Relevant third level IT qualifications (e.g. Degree, Diploma) or equivalent technical certification is essential.

Desirable
CompTIA Security+
ISO27001 Lead Implementor/Auditor
Microsoft SC or AZ Certifications
ISC2/ISACA Certifications