1 to 25 of 45 NCSC Jobs in the UK excluding London

App Service). Security Frameworks & Secure by Design Strong understanding of Secure by Design principles and ability to bake security in from concept through production. Practical experience implementing the NCSC or NIST Cybersecurity Framework (CSF) and/or NIST SP 800-53 controls. Demonstrable understanding of ISO/IEC 27001 requirements and hands-on experience mapping technical controls to ISO More ❯

portfolio worth hundreds of millions of pounds. Working with product owners, delivery managers and enterprise architects, you will ensure every new or changed service conforms to Home Office and NCSC standards while enabling rapid, user centred delivery. You will analyse emerging threats, advise on proportional mitigations, and produce or tailor reference patterns covering identity, network segmentation, container security, data protection More ❯

is cloud native Experience of successfully achieving ISO27001 or preferably SOC2 Type 2 Strong understanding of application security, cloud infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security and data privacy teams Experience More ❯

to measure the effectiveness of cyber governance. Lead continuous improvement initiatives and mentor key personnel within governance functions. Ensure all policies, procedures, and controls are compliant with regulatory standards (NCSC, ISO 27001, NIST, CIS Controls). Identify, assess, and manage risks to project or organisational goals. Build alignment with executive stakeholders, board members, and external partners to ensure accountability and More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD)- Familiar with scripting languages like PowerShell, YAML, JSON- Expertise in application security tools and DevSecOps processes- Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC)- Experience with threat modelling, risk assessments, and secure design reviews- Comfortable owning security strategy and tooling across complex, modern product landscapes- Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

which are critical to UK defence and national security. To deliver this outcome, you must be passionate about cyber security and apply your deep understanding and experience of HMG, NCSC, and international cyber standards. The role will require excellent stakeholder management and communication skills to build the trust and support necessary for successful outcomes. You will be supported by team More ❯

and develop long-term plans and strategies. Knowledge & experience of relevant legislation, standards and best practice (including Data Protection AcUGDPR, NIS Regulations, DSP Toolkit, Cyber Essentials, ISO 27001, NIST, NCSC & ICO standards & recommendations, etc.) Significant experience working on both strategic & operational matters and managing digital services, at a senior level Significant experience in delivering and managing information security within large More ❯

standards and establishing frameworks. Expertise in identifying security issues in existing system designs, including recommending mitigations that balance cost, risk and usability. Knowledge of security standards and regulations (e.g. NCSC, ISO, SOC, NIST, PCI, GDPR). Experience in application architecture, software development and/or infrastructure architecture. Experience in testing the security of software and infrastructure using appropriate security tools. More ❯

persuade, influence and motivate others, with the right sense of urgency, without having formal authority. Building External Relationships: partner relationships with other SOCs (peers, customers and vendors) and National Cyber Security Centre operations Basic understanding of security methodologies and processes, and/or networking knowledge. knowledge of current real world cyber-attacks and impacts and how this could relate to More ❯

on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities for cloud-based systems Essential More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities More ❯

solutions. Experience in identifying security issues in existing system designs or products, including recommending sensible mitigations that balance cost, risk and usability. Knowledge of security standards and regulations (e.g. NCSC, ISO, SoC, NIST, PCI, GDPR). Experience in application architecture, software development and/or infrastructure architecture. Experience testing the security of software and infrastructure using appropriate security tools. Experience More ❯

minimum of 5 years. Full UK driving licence. Ability to obtain (or currently hold) SC or DV clearance - this is non-negotiable and is set by the NSCS (National Cyber Security Centre ) for all Check Members. Willingness to travel for client engagements or on-site support. Travel is within the United Kingdom. CCL is an equal opportunities employer and positively More ❯

explaining findings, and recommending remedial actions to stakeholders. Investigating security incidents. Promoting security awareness within project teams and the organization. Candidate requirements: HMG Security Policy Framework (SPF) familiarity and NCSC Information Assurance Portfolio knowledge gained through studies. Masters degree in Information, Cyber, or Systems Security, along with a strong Cyber/STEM background. Eligibility and willingness to obtain UK Security More ❯

Essential Skills & Experience: Proven experience delivering secure architecture within complex, large-scale government or defence programmes. Deep knowledge of: Secure infrastructure and software solution design MOD security standards and NCSC design patterns Public and private cloud solutions using Software Defined Datacentre (SDDC) Secure cryptographic provisioning, PKI, ADFS, proxy services Defence Lines of Development and MOD Capability Integration Technical expertise across More ❯

on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities for cloud-based systems Essential More ❯

It would be nice if you had: Excellent understanding of the engineering lifecycle and key gate review activities. Knowledge of current Crypto technologies,Key ManagementSystems & practicalCOMSECimplementations and MOD/NCSC standards. Knowledge or experience of ARP4754A/ARP4761 and its interrelationship with security. Security Clearance You must be eligible for full security clearance. For more information and guidance please visit … including Defence, Telecommunications, Energy and Finance to help secure national infrastructure and commerce in the UK and beyond. Our Practice is certified by the UK National Cyber Security Centre (NCSC) in the provision of advice and guidance to our customers. At Leonardo UK, we believe that a diverse and inclusive work environment unlocks our people's full potential and drives More ❯

Familiarity with threat modelling and architectural reviews , particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber security frameworks applicable to OT environments. Understanding of the NCSC Cyber Assessment Framework (CAF) is highly desirable. Why Join Us? Work for a company playing a crucial role in energy security and sustainability . Be part of an organisation investing More ❯

Familiarity with threat modelling and architectural reviews , particularly in critical national infrastructure. Relevant certifications or credentials in IEC62443 or cyber security frameworks applicable to OT environments. Understanding of the NCSC Cyber Assessment Framework (CAF) is highly desirable. Why Join Us? Work for a company playing a crucial role in energy security and sustainability . Be part of an organisation investing More ❯

officials, industry leaders, and academic professionals, supporting UKTL leaders in coordinating meetings and briefings. As a trusted national capability, UKTL will collaborate with standards bodies like 3GPP, the National Cyber Security Centre, the UK intelligence community, academia, Ofcom, and telecommunications service providers and vendors. What you could be doing for us: Managing the software development lifecycle of bespoke UKTL tools. More ❯