1 to 25 of 92 NCSC Jobs in the UK

App Service). Security Frameworks & Secure by Design Strong understanding of Secure by Design principles and ability to bake security in from concept through production. Practical experience implementing the NCSC or NIST Cybersecurity Framework (CSF) and/or NIST SP 800-53 controls. Demonstrable understanding of ISO/IEC 27001 requirements and hands-on experience mapping technical controls to ISO More ❯

activities. Work with the Executive and project leadership to ensure security is represented in commercial proposals, assurance processes, and delivery planning. Maintain strong relationships with relevant external stakeholders (e.g. NCSC, NPSA), monitoring threat intelligence and security guidance. Operational Security & Risk Management Lead the design, implementation, and monitoring of controls across endpoint security, identity and access management, and cloud infrastructure (e.g. More ❯

portfolio worth hundreds of millions of pounds. Working with product owners, delivery managers and enterprise architects, you will ensure every new or changed service conforms to Home Office and NCSC standards while enabling rapid, user centred delivery. You will analyse emerging threats, advise on proportional mitigations, and produce or tailor reference patterns covering identity, network segmentation, container security, data protection More ❯

advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience More ❯

the ability to explain complex issues to a variety of stakeholders; technical and non-technical.Excellent quality focus, ensuring appropriate documentation and knowledge sharing.Proven experience of architecture design analysisExperience of NCSC's Cyber Assurance Framework (CAF), NIST Cyber Security Framework (CSF), NIST SP 800-53, ISO 27001 and HMG regulations and other departmental IT in defence and securityAbility to work in More ❯

posture across large-scale transformation programmes Essential Skills & Experience Active SC Clearance is essential – candidates without current clearance cannot be considered Strong knowledge of UK government security standards (e.g. NCSC guidance, ISO27001, JSP 440) Proven experience designing and implementing secure systems in enterprise or government settings Familiarity with cloud platforms (AWS/Azure), identity management, secure networking, encryption, and SIEM More ❯

is cloud native Experience of successfully achieving ISO27001 or preferably SOC2 Type 2 Strong understanding of application security, cloud infrastructure, and DevOps practices Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP Experience managing and selecting 3rd party vendors for audit and penetration testing Experience interacting with customer security and data privacy teams Experience More ❯

and analytical solutions Working knowledge of cloud orchestration and containerisation technologies, such as Docker and Kubernetes Working knowledge of DevOps, CI/CD and Infrastructure-as-Code Understanding of NCSC Cloud Security Principles and its practical implementations Aker Systems Attributes At Aker we work as a team, we are collaborative, hardworking, open, and delivery obsessed. There is no blame culture More ❯

to measure the effectiveness of cyber governance. Lead continuous improvement initiatives and mentor key personnel within governance functions. Ensure all policies, procedures, and controls are compliant with regulatory standards (NCSC, ISO 27001, NIST, CIS Controls). Identify, assess, and manage risks to project or organisational goals. Build alignment with executive stakeholders, board members, and external partners to ensure accountability and More ❯

real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability management Strong communication More ❯

review and improvement of the NAO's Disaster Recovery plans. o Ensuring our technical policies stay relevant and fit for purpose, and maintaining them in line with ISO27001 requirements, NCSC best practise, and alignment with HMG standards. o Support in develop and implement a Product Assurance framework with the GRC team. Own the process to deliver meaningful assurance as we More ❯

across public, private, or hybrid cloud environments. - Perform continuous assurance, leveraging threat modelling, risk assessments, and gap analysis of cloud architecture and environments. You have - Knowledge of NIST, CIS, NCSC, NIS, and Purdue models, with a focus on IT infrastructure security in the energy and utilities sector. - Proven experience designing secure cloud systems across AWS, Azure (preferred), GCP, or Oracle More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD) - Familiar with scripting languages like PowerShell, YAML, JSON - Expertise in application security tools and DevSecOps processes - Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) - Experience with threat modelling, risk assessments, and secure design reviews - Comfortable owning security strategy and tooling across complex, modern product landscapes - Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD)- Familiar with scripting languages like PowerShell, YAML, JSON- Expertise in application security tools and DevSecOps processes- Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC)- Experience with threat modelling, risk assessments, and secure design reviews- Comfortable owning security strategy and tooling across complex, modern product landscapes- Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

people who can make a real impact. Core technical skills include: Incident response and threat hunting Identity and access management Zero Trust architecture Familiarity with UK regulatory standards and NCSC guidance Certifications often requested: CISSP, CISM, CISA CompTIA Security+ ISO 27001 Cloud security credentials (e.g. AWS or Azure certification) Soft skills are playing a bigger role too: Strong communication, especially More ❯

which are critical to UK defence and national security. To deliver this outcome, you must be passionate about cyber security and apply your deep understanding and experience of HMG, NCSC, and international cyber standards. The role will require excellent stakeholder management and communication skills to build the trust and support necessary for successful outcomes. You will be supported by team More ❯

assessments, maturity modelling, and security architecture projects. Ideal Candidate Profile Strong consulting experience in cyber strategy, transformation, or risk management. Understanding of cyber frameworks such as NIST CSF, ISO27001, NCSC CAF, GDPR, or NIS2. Holds or is working toward certifications such as CISSP, CISM, CISA, or equivalent. Comfortable managing project teams and delivering to time and budget. Excellent communication skills More ❯

and develop long-term plans and strategies. Knowledge & experience of relevant legislation, standards and best practice (including Data Protection AcUGDPR, NIS Regulations, DSP Toolkit, Cyber Essentials, ISO 27001, NIST, NCSC & ICO standards & recommendations, etc.) Significant experience working on both strategic & operational matters and managing digital services, at a senior level Significant experience in delivering and managing information security within large More ❯

standards and establishing frameworks. Expertise in identifying security issues in existing system designs, including recommending mitigations that balance cost, risk and usability. Knowledge of security standards and regulations (e.g. NCSC, ISO, SOC, NIST, PCI, GDPR). Experience in application architecture, software development and/or infrastructure architecture. Experience in testing the security of software and infrastructure using appropriate security tools. More ❯

UK. NPPV3 Clearance is essential, and you must be based in the UK. Key Skills and Experience: Extensive experience applying standards such as ISO27001 , NIST , JSP440/JSP604 , and NCSC guidance Proven background in information risk management , governance , and security assurance Experience leading or contributing to risk assessments , audits , and security documentation Strong knowledge of technical and organisational controls , including More ❯

on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities for cloud-based systems Essential More ❯