Andover, England, United Kingdom Hybrid / WFH Options
Civica
priorities and requirements Experience of Secure Software Development Lifecycle processes and methodologies Knowledge and experience of applying best practice for solution security (e.g., OWASP, NCSC cloud security principles) Strong understanding and practical experience of performing security threat modelling and articulating risk profiles Deep understanding of security concepts and demonstrated application more »
formal accreditation by MoD of AWE corporate systems and of other specified AWE systems. Provide an interface between AWE and the National Technical Authority (NCSC). Oversee IT Health Check and Vulnerability Assessments by approving scope of tests and overall testing programme. Advise AWE managers on the appropriate level of more »
emerging technologies and assurance techniques. Project management skills, including budgeting and resource management. Experience of applying industry standards such as ISO27001, NIST 800-53, NCSCCyber Assurance Framework (CAF), IEC 62443. Understanding of Continual Assurance (Secure by Design) principles, and their application to new and legacy IT systems and services. more »
and secure development life-cycle audits Understanding of current good practice standards and guidance (e.g. ISO/IEC 27001; NIST 800-53; PCI DSS; NCSC guidelines and principles) Good technical knowledge of assuring cloud environments (AWS, Azure and GCP) Good technical knowledge of networking technologies System auditing experience Good understanding … of risk management and threat modelling methodologies Desirable Qualifications: CISM AWS or Azure technical security qualification CISSP SABSA QSA NCSC CCP SIRA or Architecture Other Requirements: Must be eligible to hold UK NationalSecurity Vetting to a minimum of SC level CyberSecurity/Cyber Assurance/CISSP/CISM more »
is critical to the business. Within this role, you will be responsible for ensuring compliance with all relevant regulations, including the NIS Directive, the NCSCCyber Assessment Framework, and other industry-wide compliance frameworks that have been set by their Governing Body. You will need to develop and manage a more »
is critical to the business. Within this role, you will be responsible for ensuring compliance with all relevant regulations, including the NIS Directive, the NCSCCyber Assessment Framework, and other industry-wide compliance frameworks that have been set by their Governing Body. You will need to develop and manage a more »
the security requirements in contract with the client, including liaison as tasked by the TSM SyM with the client (e.g. CyDR) and other (e.g. NCSC) security stakeholders. Maintain RMADS (or similar SbD artefacts) and security risk assessments for TSM systems to support accreditation. Maintain formal certification of the TSMF facility more »
Woking, Surrey, South East, United Kingdom Hybrid / WFH Options
WWF UK
experience . You will have a working knowledge of Active Directory and Entra ID as well as strong PowerShell skills and an understanding of NCSCCyber Essentials. You will also have a good understanding of the impact of General Data Protection Regulation and Payment Card Industry compliance on technical solutions. more »
and hands-on experience of working with Regulators and providing compliance updates for an OT environment. Excellent understanding of the NIS Regulations and the NCSCCyber Assessment Framework. Good understanding and practical experience of CyberSecurity Frameworks and standards such as NCSCsecurity principles, NIST Framework, ISO 27001, ISO27005, IEC62443 more »