Andover, England, United Kingdom Hybrid / WFH Options
Civica
priorities and requirements Experience of Secure Software Development Lifecycle processes and methodologies Knowledge and experience of applying best practice for solution security (e.g., OWASP, NCSC cloud security principles) Strong understanding and practical experience of performing security threat modelling and articulating risk profiles Deep understanding of security concepts and demonstrated application more »
Greater Bristol Area, United Kingdom Hybrid / WFH Options
Evolution
major public industry sectors e.g. Defence (MoD) and/or HM Government departments or agencies. Relevantly certified in security, holding qualifications such as NIST; NCSC Certified Cyber Professional (CCP) Information System Security Manager; CISSP; CISM If the above sounds like you, then I'd love to speak with you immediately more »
Manchester Area, United Kingdom Hybrid / WFH Options
Frontier Resourcing
security professional body such as the Institute of Information Security Professionals (IISP), IS2, BCS. · Certifications such as ISO27000, NIST CyberSecurity Professional, CISMP etc. · NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). · Understanding of ‘Secure by Design’ methodology and NIST more »
Dunbar, East Lothian, Scotland, United Kingdom Hybrid / WFH Options
Risktec Solutions Ltd
Produce and communicate learning briefs for user awareness, deliver training as required to educate and improve the security culture at all levels. Interface with NCSC and ONR, hosting security inspections as directed by the regulator. Handle and appropriately protect sensitive or restricted information. Who you are We welcome your application more »
Co-ordinator: Relevant IT security experience Writing of accreditation security case (RMADS) Experience and knowledge of Government IA Policy, including JSP440, JSP604, DIANS and NCSC IA guidance. Experience of close working relationships with Accreditation Authorities in the UK, as well as leading Security Working Groups as a way of managing more »
but they should also be willing to defend security principles when necessary, sometimes against majority opposition. Knowledge of security frameworks, eg NIST 800-53, NCSC CAF and others. Knowledge of cloud environments with a particular emphasis on Azure and AWS. The ability to appropriately identify and categorise risk and suggest more »
Preston, Lancashire, North West, United Kingdom Hybrid / WFH Options
Experis
Act as a subject matter expert regarding Cyber assurance activities for the wider organisation Essential Skills : * Knowledge of information security standards, such as HMG, NCSC Guidance, ISO 27001/18, NIST 800 etc. HMG is fundamental * Capable of a very high standard of written communication including experience of writing complex more »
formal accreditation by MoD of AWE corporate systems and of other specified AWE systems. Provide an interface between AWE and the National Technical Authority (NCSC). Oversee IT Health Check and Vulnerability Assessments by approving scope of tests and overall testing programme. Advise AWE managers on the appropriate level of more »
emerging technologies and assurance techniques. Project management skills, including budgeting and resource management. Experience of applying industry standards such as ISO27001, NIST 800-53, NCSCCyber Assurance Framework (CAF), IEC 62443. Understanding of Continual Assurance (Secure by Design) principles, and their application to new and legacy IT systems and services. more »
and critical national infrastructure systems and networks, identifying vulnerabilities, and providing recommendations for security enhancements Perform penetration tests and security assessments for infrastructure, following NCSC-recognised method Conducting web application and infrastructure penetration tests and other opportunities as the service matures Excellent report writing and communication skills, capable of explaining more »
Cyber assurance activities for the wider organization To be successful in this role you will need the following: Knowledge of information security standards (HMG, NCSC Guidance, ISO 27001, NIST 800 Ideally come from a Military background Knowledge of security architecture SME regarding Cyber assurance activities If you have this skill more »
Liverpool, England, United Kingdom Hybrid / WFH Options
Harvey Nash
such as: M365 Security tools Experience in developing, documenting, and maintaining security documents. Understanding of Information Security control standards and frameworks e.g. ISO27001, NIST, NCSC CAF Knowledge of information security principles, including risk assessment, intrusion detection/prevention, Security Information and Event Management (SIEM) tools, threat, and vulnerability management. They more »
public cloud, AWS/Azure/GCP, on-prem and hyper scaler platform deployments. Designing/implementing secure systems meeting Government Security Classifications and NCSC standards (-eg- Defence Common Architectural approach). Design of technical architecture artefacts, reuse of patterns, components + tools across the customer landscape. Deploying equipment into more »
and secure development life-cycle audits Understanding of current good practice standards and guidance (e.g. ISO/IEC 27001; NIST 800-53; PCI DSS; NCSC guidelines and principles) Good technical knowledge of assuring cloud environments (AWS, Azure and GCP) Good technical knowledge of networking technologies System auditing experience Good understanding … of risk management and threat modelling methodologies Desirable Qualifications: CISM AWS or Azure technical security qualification CISSP SABSA QSA NCSC CCP SIRA or Architecture Other Requirements: Must be eligible to hold UK NationalSecurity Vetting to a minimum of SC level CyberSecurity/Cyber Assurance/CISSP/CISM more »
is critical to the business. Within this role, you will be responsible for ensuring compliance with all relevant regulations, including the NIS Directive, the NCSCCyber Assessment Framework, and other industry-wide compliance frameworks that have been set by their Governing Body. You will need to develop and manage a more »
is critical to the business. Within this role, you will be responsible for ensuring compliance with all relevant regulations, including the NIS Directive, the NCSCCyber Assessment Framework, and other industry-wide compliance frameworks that have been set by their Governing Body. You will need to develop and manage a more »
the security requirements in contract with the client, including liaison as tasked by the TSM SyM with the client (e.g. CyDR) and other (e.g. NCSC) security stakeholders. Maintain RMADS (or similar SbD artefacts) and security risk assessments for TSM systems to support accreditation. Maintain formal certification of the TSMF facility more »
Woking, Surrey, South East, United Kingdom Hybrid / WFH Options
WWF UK
experience . You will have a working knowledge of Active Directory and Entra ID as well as strong PowerShell skills and an understanding of NCSCCyber Essentials. You will also have a good understanding of the impact of General Data Protection Regulation and Payment Card Industry compliance on technical solutions. more »
development and deployment of products and platforms across the client. Key skills: Strong Security Architecture experience Proficiency in industry frameworks and best practices (e.g., NCSC CAF, CIS CSC, etc.) Demonstrated ability to contribute to the design of intricate solutions, including identifying risks and implementing remedies Track record of supervising high more »
Newcastle Upon Tyne, Tyne and Wear, North East, United Kingdom
Pardoe Wray
Automate and make improvements to development and release processes, version control. API scaling/deployment/configuration/maintenance Oauth2/AaaS Knowledge of NCSC secure design principles Knowledge of Websocket/Messaging buses Strong analytical and problem-solving skills, with a keen attention to detail. Excellent written and verbal more »
the security or capability of the environments · Creating, verifying, and maintaining technical documentation Required Skills: · Experience in network/gateway environments · Knowledge of the NCSCCyber Assessment Framework (CAF) and securing networks based on requirements · Proficiency with network technologies (data and voice): BGP, MPLS/VPLS, SIP, TLS, Network Management more »
be successful you will be a 3rd Line Linux Engineer (Cross Domain Engineer) and have knowledge of as many of the following as possible: NCSC Import and Export patterns and the principles of HardSec Configuration and management of commercially available cross domain guards and supporting software. Linux intermediate to include more »
essential for you to apply: Knowledge and application of UK Information Assurance Standards, Frameworks and supporting guidance: HMG IS1 & IS2 ISO27000 Series JSP440 JSP604 NCSC Guidance Material Secure by Design DefStan 05-139 Knowledge and application of non-UK Information Assurance Standards NIST SP800 (in particular NIST SP … SMP) Generation Experience of Security Case/Security Case Report Generation Strong communication and stakeholder management skills. Strong analytical and problem-solving skills. Qualifications NCSC Recognised Qualification Full Membership of ISC2 or CIISe Security Clearance SC (minimum) DV (preferred) Benefits Annual Company Bonus 25 Days holiday not including bank holidays more »
management (UIDs, GIDs, capabilities). What we offer Professional development budget of £5,000 per annum Private healthcare Who are we? We are an NCSC accredited consultancy specialising in Cyber, Risk and Intelligence. We help high performing clients achieve their objectives through deep technical expertise and the ability to think more »
essential for you to apply: Knowledge and application of UK Information Assurance Standards, Frameworks and supporting guidance: HMG IS1 & IS2 ISO27000 Series JSP440 JSP604 NCSC Guidance Material Secure by Design DefStan 05-139 Knowledge and application of non-UK Information Assurance Standards NIST SP800 (in particular NIST SP … nice to have) Knowledge of operating systems, firmware and software security controls (nice to have) Model Based Systems Engineering Experience (nice to have) Qualifications NCSC Recognised Qualification e.g. Certified Information Systems Security Professional (CISSP) Full Membership of ISC2 or CIISe Security Clearance SC (minimum) DV (preferred) Benefits Annual Company Bonus more »