1 to 25 of 120 NCSC Jobs in England

working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping ...

successfully achieving ISO27001 or preferably SOC2 Type 2 Strong understanding of application security, cloud infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security ...

successfully achieving ISO27001 or preferably SOC2 Type 2 Strong understanding of application security, cloud infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security ...

legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain ...

legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain ...

legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain ...

cloud orchestration and containerisation technologies, such as Docker and Kubernetes Working knowledge of DevOps, CI/CD and Infrastructure-as-Code Understanding of NCSC Cloud Security Principles and its practical implementations Aker Systems Attributes At Aker we work as a team, we are collaborative, hardworking, open, and delivery obsessed. There ...

technical strategy and leading architecture teams. Deep understanding of secure cloud design, zero-trust models, and compliance frameworks such as NIST, DISA STIGs, and NCSC best practice. Expertise in Infrastructure-as-Code, containerisation (Kubernetes, OpenShift), and automation for secure cloud deployments. Strong knowledge of networking, encryption, IAM, and DevSecOps principles. ...

live phases deliver critical security assessments and IT Health Checks, providing expert assurance across portfolio projects, with a focus on SaaS tooling compliance against NCSC Cloud Security Principles facilitate and oversee Security Working Groups throughout all key development and deployment stages, ensuring risks are tracked, logged, and reported ...

live phases deliver critical security assessments and IT Health Checks, providing expert assurance across portfolio projects, with a focus on SaaS tooling compliance against NCSC Cloud Security Principles facilitate and oversee Security Working Groups throughout all key development and deployment stages, ensuring risks are tracked, logged, and reported ...

multi-cloud models. Familiar with common industry cloud providers - AWS, GCP, Azure, OCI. Practical understanding of industry cloud security principles and their application - NCSC, NIST, CSA. Familiarity with common cloud related compliance Benchmarks - CIS, GDPR, PCI-DSS, ISO27001, ISO27017, ISO27018, TSR, OFCOM. Strong documentation, design and presentation skills with ...

SCIF, air-gapped systems). Deep knowledge of: MOD and NATO security policies (JSPs, DEFCONs, STANAGs), NIST, CIS, ISO/IEC 27001 frameworks, UK NCSC principles and secure-by-design methodologies. Competent with cross-border IT operations, including data sovereignty, dual-use controls, and export classification. Strong track record ...

including Kubernetes, OpenShift, containers, Jenkins, CI/CD and IaC , and embedding CyberArk Conjur into these pipelines. Strong awareness of security and audit standards (NCSC, ISO 27001, NIST, FCA/financial, government). Excellent communication and stakeholder management skills, able to articulate PAM and secrets architecture to both technical ...

threat patterns. Profile cyber adversaries by analyzing behavioral patterns, infrastructure, and motivations to inform strategic and tactical defense measures. Collaborate with national partners including NCSC and NCA, to share your findings and coordinate responses. Produce high-quality, actionable reports and briefings for a range of stakeholders, including technical teams, senior ...

related field. A relevant cyber-security professional qualification (or demonstrable evidence of working towards a qualification) including, but not exclusively, any of the following: NCSC Associate Cyber Professional (ACP)/Certified Information Security Professional (CISSP)/Certified Information Security Manager (CISM)/Certified Cloud Security Professional (CCSP)/Certified Wireless ...

managing identity lifecycle management solutions. Strong knowledge of RBAC, privileged access management, and conditional access. Familiarity with Zero Trust models and government security frameworks (NCSC, ISO 27001). Proficiency in scripting and automation (PowerShell, API integrations). Experience supporting large-scale enterprise or government identity environments. Ability to engage confidently ...

Expectations increase with seniority. Degree in Engineering, Computer Science, Information Security or equivalent discipline. Interest in or possession of professional cyber qualifications such as NCSC ACP, CISSP, CISM, CCSP, CWSP, CRISC or CISA. Foundational to advanced experience in cybersecurity consulting or within an organisation operating OT or critical infrastructure. Understanding ...

stakeholders at all levels and present complex security topics in a clear and concise way. • Support accreditation activity and ensure alignment to standards including NCSC, ISO27001, NIST, and relevant HMG frameworks. What you will bring • Strong experience in cyber security architecture within Defence, Government or similarly complex environments. • Broad knowledge ...

data protection). Ability to produce concise, high-quality security documentation and reports. Solid grounding in security risk management and common security frameworks (NCSC, ISO 27001, NIST, etc.). Excellent communication, advisory, and stakeholder engagement skills. Desirable Experience with EDRMS implementation, security configuration, or governance. Relevant certifications (e.g., CISSP, CISM ...

with Azure Security Center, Microsoft Sentinel, Defender ATP, M365 Security & Compliance, and KQL scripting. Knowledge of frameworks such as MITRE ATT&CK, NIST, CIS, NCSC, and Security Scorecard. Understanding of network security systems (Zscaler, Darktrace, Firewalls, NAC, VPN, wireless, segmentation). Strong grasp of cloud computing (IaaS/PaaS/ ...

Background in the defence, maritime, or critical national infrastructure environment. Skills & Qualifications: Degree (or equivalent experience) in a relevant STEM or Information Security discipline. NCSC CCP SIRA status (or ability to achieve). Membership of a relevant professional body. Strong stakeholder engagement, leadership, and mentoring capabilities. Why Join? This ...

present detailed reports - Thorough understanding of Physical Security and information security law including GDPR and NIS - Exposure to Cyber Security frameworks, standards and certifications: NCSC CAF, NIST, ISO 27000 series, CIS, PSP, CRISK, RSES The role will also involve taking responsibility for reviewing Cyber Security policies, assisting with incident ...

Defence data standards Infrastructure as Code - Terraform or Ansible Experience with MODCloud, AWS, or Azure Testing frameworks: Jest, Mocha, Supertest Familiarity with JSP 440 , NCSC Secure Coding Guidelines , or Defence Digital standards Security Clearance Active SC clearance is mandatory . Candidates eligible for DV clearance will be prioritised for longer ...

Defence data standards Infrastructure as Code - Terraform or Ansible Experience with MODCloud, AWS, or Azure Testing frameworks: Jest, Mocha, Supertest Familiarity with JSP 440 , NCSC Secure Coding Guidelines , or Defence Digital standards Security Clearance Active SC clearance is mandatory . Candidates eligible for DV clearance will be prioritised for longer ...

responses; collaborate with delivery teams on migrations, automation and NOC handovers.? Embed MSP best practices (ITIL, TOGAF) ensuring designs align to SLAs, regulatory standards (NCSC, ISO27001) and vendor ecosystems.? Mentor junior architects, contribute to service catalogue evolution and conduct design reviews for risk/threat modelling.? Drive innovation in AIOps ...