base on their severity and business impact. Leading the design, assurance, and continuous improvement of security systems and tooling, ensuring alignment with nationalcyber standards and best practices (e.g. NCSC, ISO 27001, NIST). Collaborating with architects, risk owners, and delivery teams to embed secure design principles and ensure the security operations centre (SOC) is equipped to handle emerging threats More ❯
Governance, Risk, and Compliance Ideally, You'll Also Have: Security-related qualifications such as CISSP, CISM, CISMP, ISO27001 lead implementer or auditor, MBCI, or IAPP. Experience operating within an NCSC Assured Cyber Consultancy. Understanding of the cybersecurity regulatory landscape and assessment frameworks (e.g., NIS2, NIST CSF). Key delivery experience in cybersecurity strategy, transformation, and compliance. Sector experience in Government More ❯
product development activities. Liaison with Security Accreditors and Security Assurance Coordinators in support of security accreditation. Preparation of Protection Profiles, Security Targets and Evaluation Management Plans, and liaison with NCSC and commercial evaluation teams in support of evaluation activities. Preparation of TEMPEST Control Plans, advising development teams on appropriate implementation techniques, and liaising with TEMPEST test facilities. Advising development teams … solutions for a military &/or commercial products and systems. Graduate degree in relevant engineering, computing or related scientific discipline, and/or evidence of further professional study. Registered NCSC certified professional at senior level or above, or NCSC recognised qualification, e.g. ISC2Certified Information System Security Professional. Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional … Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC and Common Criteria security evaluation techniques. Knowledge of current crypto technologies and key management systems Model Base System Engineering (MBSE) knowledge Understanding operating systems, firmware More ❯
