on key security metrics and risk indicators. Identify, register and assess cyber risks across business processes, applications, and industrial systems and translate security policies into actionable controls for IT / OT environments. Drive cybersecurity awareness and training tailored to business and OT users. Ensure compliance with industry regulations (e.g. ISO/IEC 62443, GDPR … IEC 62443). Relevant certificates for proof of competence are an advantage: CISSP, GICSO, CRISC CISM, CISA, ISO27001 Lead Auditor / Implementer Good knowledge of the ISO 27000 series of standards Very good abstraction skills and pronounced skills in logical-analytical and informatic thinking Very good command of spoken and … on support from committed colleagues. We offer attractive employment conditions and opportunities for personal and professional development. More Information We welcome your application in English, no later than 24 / 08 / 2025. We kindly request that you do not send applications by any means other than via our website as we cannot guarantee that we will be More ❯
by helping anticipate, detect, and respond to evolving cyber threats. What You'll Do Design and implement secure software solutions, applying security-by-design principles and recognised standards (ISO27001, NIST). Conduct threat modelling, code reviews, vulnerability assessments, and penetration tests to identify and mitigate risks. Respond to security incidents, perform root cause analysis, and … in using vulnerability assessment and penetration testing tools (e.g. Nessus, Burp Suite) Familiarity with security frameworks (ISM, PSPF, ISO27001) and tools like SIEM, IDS / IPS, and threat intelligence platforms Excellent problem-solving, communication, and collaboration skills, with strong attention to detail and a proactive mindset We welcome applications from candidates with entry-level More ❯
government to deliver holistic, customer centric cyber security services and consultancy support that continually evolves to emerging technologies and the ever-changing threat and risk landscape to support HMRC / HMG business needs. This is an exciting time to be part of our active and encouraging cyber security community, working within HMRC and across HMG. Job description As a … in the business and drive organisational objectives. You will influence policy and lead on technical and business change. You may also be required to take responsibility for a CSTS / Cyber GSEC Capability and form an integral part of our SLT. Broadly, we would expect the successful candidate to align with the Government Security Professional Framework for one or … escalate cyber risks for the business and influence appropriate decisions in keeping with the HMRC and HMG risk appetite. Responsibilities Lead and develop the technical security expertise and capability / services of the CSTS / Cyber GSEC Technical team and drive learning and development strategy. Be the nominated Security Programme Lead, driving the delivery and development of technical More ❯
Microsoft Intune (Windows, Android, iOS) Secure email and endpoints (SPF, DKIM, DMARC, Defender for Endpoint) Ensure robust data protection and regular backup testing Drive patching and vulnerability remediation Support ISO27001 or Cyber Essentials Plus certification Use basic PowerShell scripting to automate tasks Manage IT budgets, procurement, and project delivery Report on IT operations and project progress to leadership Experience with More ❯
Microsoft Intune (Windows, Android, iOS) Secure email and endpoints (SPF, DKIM, DMARC, Defender for Endpoint) Ensure robust data protection and regular backup testing Drive patching and vulnerability remediation Support ISO27001 or Cyber Essentials Plus certification Use basic PowerShell scripting to automate tasks Manage IT budgets, procurement, and project delivery Report on IT operations and project progress to leadership Experience with More ❯
understanding of cyber, technology and resilience risks to provide high quality independent assurance on the effectiveness of controls. Responsibilities include: Audit Planning: planning for a portfolio of audits, requesting / selecting resources and liaising with stakeholders to discuss and propose scope and timelines. Audit Execution: managing delivery of a portfolio of audits, delivering audits on time and within budget … ll need: Industry best-practices - Strong technical knowledge and experience of Cyber Security best practices, risks, frameworks and standards, including practical application of NIST, MITRE and ISO27001. Related cyber / information qualifications valued e.g. Certified Information Systems Security Professional (CISSP). Security testing - Knowledge and understanding of ethical hacking / security testing best practices and techniques (with hands … on experience valued). Relevant qualifications valued e.g. Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP . Audit and / or risk and controls experience - Practical experience of assessing cyber risks and key controls, documenting appropriate test plans to deliver on audit objectives. Applicants should be able to identify control gaps and clearly articulate these to senior stakeholders. More ❯
