1 to 25 of 49 NCSC Jobs in the South East

/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling – Kill Chain – Attack tree analysis. Certifications: AWS More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

/CD) Familiarity with scripting languages like PowerShell, YAML, JSON Hands-on with application security tools and DevSecOps processes Understanding of frameworks and standards like OWASP, NIST SSDF, ISO27001, NCSC Experience with threat modelling, risk assessments, and secure design reviews Confident owning security strategy and tooling across complex product landscapes A strong communicator - able to engage with engineers and execs More ❯

environments Hands-on knowledge of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs A collaborative, proactive approach to More ❯

security through design and delivery. Background in the defence, maritime, or critical national infrastructure environment. Skills & Qualifications: Degree (or equivalent experience) in a relevant STEM or Information Security discipline. NCSC CCP SIRA status (or ability to achieve). Membership of a relevant professional body. Strong stakeholder engagement, leadership, and mentoring capabilities. Why Join? This is an opportunity to play a More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

Services. • The successful candidate may have experience testing mobile applications. CERTIFTICATION & MEMBERSHIPS Core qualifications:- • Current CREST CCT-INF or CREST CCT-APP certifications • Current Check Team Leader (CTL) at NCSC • Current SC clearance Some of the following certifications are beneficial:- • Advanced Certified Ethical Hacker • EnCE - EnCase Certified Examiner http://www.encase.com • CWSP - Certified Wireless Security Professional • PWB - Offensive Security More ❯

security direction, and shaping service offerings. Key responsibilities: Deliver advanced security consultancy across Azure and AWS. Conduct posture assessments, gap analyses, and configuration reviews. Design secure architectures aligned with NCSC, CIS, and ISO 27001. Advise on governance, compliance (ISO 27001, Cyber Essentials Plus, NIST). Collaborate with SOC and engineering teams to strengthen detection and identity controls. You’ll need More ❯

ll be responsible for: Conducting security assurance activities across projects, products, and systems. Supporting risk assessments, security reviews, and compliance checks in line with organisational and government standards (e.g., NCSC, ISO 27001, JSP440). Producing clear, concise, and insightful security assurance reports for technical and non-technical stakeholders. Working closely with engineering, architecture, and risk management teams to ensure robust More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯

. Infrastructure-as-Code: Terraform, Helm, Ansible. Scripting: Bash, Python. Experience in air-gapped environments and secure software supply chain practices (SBOMs, image scanning). Familiarity with MOD/NCSC guidance and CIS benchmarks. Proven ability to work across organisational boundaries and with external teams. Desirable Skills: Exposure to multiple Kubernetes distributions. Experience with MODCloud, Azure, or AWS in regulated More ❯

and assessments of the IAM stack to identify and resolve security gaps, and provide evidence to auditors as required. Stay current with emerging technologies and security frameworks (e.g., NIST, NCSC), proactively recommending upgrades and improvements to senior stakeholders. Provide technical guidance and mentoring to team members, supporting best practices in authentication, access control, and identity lifecycle management. Develop and deliver More ❯

background , ideally with knowledge of command, control, and intelligence systems . Deep understanding of architecture frameworks, design standards and methodologies. Experience with secure software development lifecycles , OWASP , GDPR , and NCSC Cloud Security Principles . Demonstrated ability to design and deliver secure, integrated solutions in sensitive or classified environments. Strong stakeholder engagement and communication skills, with the ability to influence at More ❯

background , ideally with knowledge of command, control, and intelligence systems . Deep understanding of architecture frameworks, design standards and methodologies. Experience with secure software development lifecycles , OWASP , GDPR , and NCSC Cloud Security Principles . Demonstrated ability to design and deliver secure, integrated solutions in sensitive or classified environments. Strong stakeholder engagement and communication skills, with the ability to influence at More ❯

years' experience in IT or cybersecurity roles. Strong understanding of Microsoft 365 and Google Workspace security controls. Experience managing or working with MSPs. Familiarity with Cyber Essentials, NCSC guidance, or ISO 27001 principles. Relevant certifications such as CompTIA Security+, CISMP, or equivalent experience. Excellent communication skills, able to explain complex concepts to non-technical audiences. Self-motivated, organised, and able More ❯

Product Security/Information Security concepts to applicable technologies within the environment (or similar). Degree (or equivalent experience) in a relevant STEM subject or Information Security related. Holds NCSC CCP SIRA status (or able to achieve) Is a member of a professional institute Security Requirements: SC, ITAR & UK EYES ONLY This role will require the person to hold full More ❯

system artefacts to determine root causes. Participate in cyber crisis simulation exercises and continuous improvement initiatives to enhance resilience. Contribute to security audits and compliance efforts (e.g. ISO 27001, NCSC CAF, GDPR). Mentor Level 1 and Level 2 SOC Analysts, helping to build team capability and knowledge. About You You'll bring a combination of technical expertise, analytical acumen More ❯

auditing Background in a DITSO or similar IT security role within Defence or OGD Familiarity with WARP processes and incident response coordination Understanding of UK government cyber policy and NCSC guidance More ❯

professional development and awareness of current industry good practice. Qualifications: Degree (or equivalent experience) in a relevant STEM subject or Information Security related. Holds Chartered Cyber Professional or former NCSC CCP SIRA status (or able to achieve) Is a member of a professional institute For more information please contact Lauren Morley at JAM Recruitment or click apply. More ❯

professional development and awareness of current industry good practice. Qualifications: Degree (or equivalent experience) in a relevant STEM subject or Information Security related. Holds Chartered Cyber Professional or former NCSC CCP SIRA status (or able to achieve) Is a member of a professional institute For more information please contact Lauren Morley at JAM Recruitment or click apply. More ❯

initiatives What we're looking for Strong working knowledge of Microsoft 365 and Google Workspace security Experience managing or working with managed service providers (MSPs) Familiarity with Cyber Essentials , NCSC guidance , or ISO 27001 principles Understanding of GDPR and data protection responsibilities Relevant certification (e.g. CompTIA Security+ , CISMP ) or equivalent experience Excellent communication skills, especially with non-technical users Self More ❯

working in API testing, Network technologies and cloud solutions SC clearance is mandatory. Have a good practical understanding of firewalls technologies, WAP and OWASP Understanding of CAF, NIST and NCSC Understanding of Cloud platform, Linux OS, OpenShift, Kubernetes Wipro is an exciting organization to work for. We ranked as a “Top Employer” as part of the Top Employer Institute annual More ❯