1 to 25 of 145 NCSC Jobs in England

of delivering security solutions for large-scale infrastructure, transformation or integration programmes Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) Experience with the design concepts associated with adoption of Cloud platforms (AWS and/or Microsoft Azure) An More ❯

advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience More ❯

It would be nice if you had: Excellent understanding of the engineering lifecycle and key gate review activities. Knowledge of current Crypto technologies,Key ManagementSystems & practicalCOMSECimplementations and MOD/NCSC standards. Knowledge or experience of ARP4754A/ARP4761 and its interrelationship with security. Security Clearance You must be eligible for full security clearance. For more information and guidance please visit … including Defence, Telecommunications, Energy and Finance to help secure national infrastructure and commerce in the UK and beyond. Our Practice is certified by the UK National Cyber Security Centre (NCSC) in the provision of advice and guidance to our customers. At Leonardo UK, we believe that a diverse and inclusive work environment unlocks our people's full potential and drives More ❯

portfolio worth hundreds of millions of pounds. Working with product owners, delivery managers and enterprise architects, you will ensure every new or changed service conforms to Home Office and NCSC standards while enabling rapid, user centred delivery. You will analyse emerging threats, advise on proportional mitigations, and produce or tailor reference patterns covering identity, network segmentation, container security, data protection More ❯

is cloud native Experience of successfully achieving ISO27001 or preferably SOC2 Type 2 Strong understanding of application security, cloud infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security and data privacy teams Experience More ❯

delivery, security and deployment models for IaaS, PaaS and SaaS provided by Amazon Web Service, Microsoft Azure or Google Cloud. Working knowledge of Cloud Security standards (e.g. NIST, CIS, NCSC, ISO). Practical application of analytical skills (e.g. process analysis, construct/validate hypotheses) including appropriate communication/reporting of outcomes (e.g. clear, concise and prioritised). Exposure to and More ❯

the secure design, assessment, and assurance of device and end point secure solutions , as part of a key Machinery of Government initiative, Developer Device Solution , aligned with government and NCSC security principles. We are seeking applications from candidates with: Security architecture experience in the EUC space. Proven experience designing and delivering cyber security architecture in Central Government or regulated environments. … for CI/CD and DevOps pipelines (e.g., Github, Gitlab, Azure DevOps, Jenkins). Understanding of End point Detection and Response (EDR), SIEM, MDM, & policy enforcement tools. Familiarity with NCSC Cloud Security Principles and Government Security Classifications. Experience with Zero Trust models and secure identity architectures. Security Clearance. Advantageous skills include CISSP, CISM, SABA; experience with Intune, Workspace One, Jamf More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD) - Familiar with scripting languages like PowerShell, YAML, JSON - Expertise in application security tools and DevSecOps processes - Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) - Experience with threat modelling, risk assessments, and secure design reviews - Comfortable owning security strategy and tooling across complex, modern product landscapes - Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD)- Familiar with scripting languages like PowerShell, YAML, JSON- Expertise in application security tools and DevSecOps processes- Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC)- Experience with threat modelling, risk assessments, and secure design reviews- Comfortable owning security strategy and tooling across complex, modern product landscapes- Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers More ❯

involves ensuring compliance with security standards, managing incidents, and collaborating with internal and external stakeholders. Key Responsibilities: Lead and manage the Cyber Security Operations team. Ensure compliance with security standards (ISO27001, NCSC CAF). Manage security incidents and vulnerabilities. Collaborate with third-party suppliers and internal teams. Provide expert advice on security technologies and processes. Requirements: Proven team leadership experience.Strong … inquiries and establish the team as the primary resource for advice. Efficiently manage the workload of personnel, ensuring timely completion of tasks and continuous improvement. Ensure continued compliance with NCSC, DHSC Cyber Assessment Framework, and HM Government Cyber security strategy. Develop, maintain, and promote security procedures and standards in line with NHSBSA requirements. Implement, monitor, and report on agreed service … compliance with the National Cyber Security Centre (NCSC) an the Department of Health and Social Care (DHSC) Cyber Assessment Framework (CAF)and continued adherence to HM Government Cyber security strategy and NCSC standards and best practice. 7. Supports the strategic direction of the Cyber security operation function by the development, maintenance, promotion and stewardship of Security Procedures and Standards, in More ❯

which are critical to UK defence and national security. To deliver this outcome, you must be passionate about cyber security and apply your deep understanding and experience of HMG, NCSC, and international cyber standards. The role will require excellent stakeholder management and communication skills to build the trust and support necessary for successful outcomes. You will be supported by team More ❯

Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure Security Engineer Associate or AWS equivalent Cyber Essentials/NCSC certification (or similar) Why Join? Be part of a high-profile modernisation programme at a critical juncture Join a newly formed Cloud Centre of Excellence and shape its future Enjoy More ❯

System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. More ❯

to undergo DBS and Counter Terrorist Check. It would be great if you had: Certifications such as CISSP, or other relevant qualifications. Experience with additional frameworks (e.g., SOC2, NIST, NCSC CAF). More than 2 years’ experience delivering IT or cybersecurity solutions. Benefits: 30 days annual leave + 8 bank holidays Additional day off for your birthday 3% employer pension More ❯

on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities for cloud-based systems Essential More ❯

on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities for cloud-based systems Essential More ❯

on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities for cloud-based systems Essential More ❯

Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Microsoft Azure Security Engineer Associate or AWS equivalent is essential, along with Cyber Essentials/NCSC certification (or similar). About the company With a central mission to provide fair financial solutions to all, our client is a specialist lending and retail savings group who are More ❯

explaining findings, and recommending remedial actions to stakeholders. Investigating security incidents. Promoting security awareness within project teams and the organization. Candidate requirements: HMG Security Policy Framework (SPF) familiarity and NCSC Information Assurance Portfolio knowledge gained through studies. Masters degree in Information, Cyber, or Systems Security, along with a strong Cyber/STEM background. Eligibility and willingness to obtain UK Security More ❯

/Certified Information Security Manager (CISM) or equivalent. Associate/Full Membership of recognised security professional body such as the Institute of Information Security Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen More ❯

/Certified Information Security Manager (CISM) or equivalent. Associate/Full Membership of recognised security professional body such as the Institute of Information Security Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen More ❯