1 to 25 of 53 NCSC Jobs in the UK excluding London

/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain More ❯

security controls. Ensure solutions comply with 'Secure by Design' principles, corporate policies, and industry frameworks. Assess vulnerabilities, lead risk mitigation, and ensure compliance with industry standards (ISO 27001, NIST, NCSC). Contribute to security design documentation, options papers, and client presentations. Collaborate across 1st, 2nd, and 3rd lines of defense on cyber risk, compliance, and governance. Create and present design More ❯

/or corporate industry (financial services). Demonstrable experience in designing, implementing and managing security solutions tailored for cloud environments and aligned to industry-standard cybersecurity frameworks such as NCSC CAF/NIST/CIS. This includes proficiency in securing cloud platforms such as AWS, Azure, understanding cloud-native security services, and expertise in configuring security groups, IAM policies, and More ❯

base on their severity and business impact. Leading the design, assurance, and continuous improvement of security systems and tooling, ensuring alignment with national cyber standards and best practices (e.g. NCSC, ISO 27001, NIST). Collaborating with architects, risk owners, and delivery teams to embed secure design principles and ensure the security operations centre (SOC) is equipped to handle emerging threats More ❯

Council professional registration (e.g. Chartered, Principal, Practitioner). Experience with HMG/MoD security standards, policies, and frameworks. Exposure to Secure by Design principles and assurance tooling. Knowledge of NCSC CAF, ISO 27001 audits, NIST frameworks, and supplier assurance. Experience working in defence, government, or regulated industries. Additional Requirements Eligible for UK security clearance (SC or DV preferred). UK More ❯

Council professional registration (e.g. Chartered, Principal, Practitioner). Experience with HMG/MoD security standards, policies, and frameworks. Exposure to Secure by Design principles and assurance tooling. Knowledge of NCSC CAF, ISO 27001 audits, NIST frameworks, and supplier assurance. Experience working in defence, government, or regulated industries. Additional Requirements Eligible for UK security clearance (SC or DV preferred). UK More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

Governance, Risk, and Compliance Ideally, You'll Also Have: Security-related qualifications such as CISSP, CISM, CISMP, ISO27001 lead implementer or auditor, MBCI, or IAPP. Experience operating within an NCSC Assured Cyber Consultancy. Understanding of the cybersecurity regulatory landscape and assessment frameworks (e.g., NIS2, NIST CSF). Key delivery experience in cybersecurity strategy, transformation, and compliance. Sector experience in Government More ❯

cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

of cloud platforms such as AWS and Microsoft Azure, as well as Microsoft Entra ID and M365. Familiarity with frameworks such as NIST CSF, Cyber Assessment Framework (CAF), and NCSC Cloud Security Principles. Proven ability to influence stakeholders and support secure delivery in large, complex environments. Excellent communication skills and ability to collaborate with globally distributed teams. A degree in More ❯

security certification. Desirable Full Membership of the Chartered Institute of Information Security (CIISec) - highly desirable. Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. NCSC Certified Cyber Professional in Security Architecture. IEng or CEng registered with UK Engineering body. Chartership through the British Computer Society. SABSA Chartered Security Architect Other information: Logiq is committed to More ❯

security certification. Desirable Full Membership of the Chartered Institute of Information Security (CIISec) - highly desirable. Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. NCSC Certified Cyber Professional in Security Architecture. IEng or CEng registered with UK Engineering body. Chartership through the British Computer Society. SABSA Chartered Security Architect Other information: Logiq is committed to More ❯

security certification. Desirable Full Membership of the Chartered Institute of Information Security (CIISec) - highly desirable. Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. NCSC Certified Cyber Professional in Security Architecture. IEng or CEng registered with UK Engineering body. Chartership through the British Computer Society. SABSA Chartered Security Architect Other information: Logiq is committed to More ❯

security certification. Desirable Full Membership of the Chartered Institute of Information Security (CIISec) - highly desirable. Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. NCSC Certified Cyber Professional in Security Architecture. IEng or CEng registered with UK Engineering body. Chartership through the British Computer Society. SABSA Chartered Security Architect Other information: Logiq is committed to More ❯

business risk models and associated material, in support of operational cyber security and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, NCSC CAF, NIS Directive, UK GovAssure) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Lead and deliver cyber security audits, risk reviews and control More ❯

business risk models and associated material, in support of operational cyber security and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, NCSC CAF, NIS Directive, UK GovAssure) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Lead and deliver cyber security audits, risk reviews and control More ❯

business risk models and associated material, in support of operational cyber security and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, NCSC CAF, NIS Directive, UK GovAssure) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Lead and deliver cyber security audits, risk reviews and control More ❯

delivery of Trust Services. Conduct vulnerability assessments and other associated activities as appropriate within the Trust to Identify, remediate and mitigate risks to the Trust. Liaise with NHS England, NCSC and other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to CareCERT, CiSP, vendor and other specialist More ❯

best practices using Infrastructure as Code (IaC) tools such as Terraform, Packer, CloudFormation and Cloud-Init Skills in Containerization: Kubernetes, ECS/Fargate, Nomad, Security: Hashicorp Vault, PKI, TLS, NCSC Principles, Networking: VPC Peering, DNS, Service Mesh, Identity & Device Management: Keycloak, Entra ID, JAMF, Okta. Extensive and demonstrable experience in designing, building, maintaining Linux workloads running across multiple environments on More ❯

youll be doing Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO/IEC 27001, NCSC CAF, and PCI DSS. Lead independent assurance , review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies. Develop and present security strategies that enhance resilience More ❯

duties consist of but are not limited to: Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practise (e.g ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design). Support the secure by design champion in building awareness and understanding of secure by design framework across DDaT. Manage the security More ❯

a sole UK National. Desirable Skills: To support the requirements of this role an awareness of national and international standards including the ISO27000 family, along with familiarity with recent NCSC guidance would be helpful. Knowledge and experience of using a suitable maturity model to develop the SOC, and the subsequent implementation of an agreed standard to improve this maturity where More ❯

cross-HMG security principles), into usable, department-specific tools and guidance. Engage with OGDs and cross-HMG forums to ensure our frameworks align with DSIT, Cabinet Office and National Cyber Security Centre standards. Establish and maintain secure-by-design and explainability guardrails for AI across the estate. Provide enterprise-level architectural governance across AI pilots, ensuring reuse, integration and compliance. More ❯

cross-HMG security principles), into usable, department-specific tools and guidance. Engage with OGDs and cross-HMG forums to ensure our frameworks align with DSIT, Cabinet Office and National Cyber Security Centre standards. Establish and maintain secure-by-design and explainability guardrails for AI across the estate. Provide enterprise-level architectural governance across AI pilots, ensuring reuse, integration and compliance. More ❯