1 to 25 of 62 NCSC Jobs in the UK excluding London

App Service). Security Frameworks & Secure by Design Strong understanding of Secure by Design principles and ability to bake security in from concept through production. Practical experience implementing the NCSC or NIST Cybersecurity Framework (CSF) and/or NIST SP 800-53 controls. Demonstrable understanding of ISO/IEC 27001 requirements and hands-on experience mapping technical controls to ISO More ❯

Security Architect or in a Technical Cyber Consultant/Engineer role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM (or working towards CIISEC/UK Cyber More ❯

expertise in areas such as cyber strategy, risk management, cyber maturity assessments, security architecture, transformation programmes, and regulatory compliance. Familiarity with leading frameworks and standards including NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, and CRI2.0. Hands-on experience delivering security solutions and assessments in varied environments. Relevant certifications such as CISSP, CISM, CISA, M.Inst.ISP, or a postgraduate qualification (e.g. MSc More ❯

which are critical to UK defence and national security. To deliver this outcome, you must be passionate about cyber security and apply your deep understanding and experience of HMG, NCSC, and international cyber standards. The role will require excellent stakeholder management and communication skills to build the trust and support necessary for successful outcomes. You will be supported by team More ❯

to measure the effectiveness of cyber governance. Lead continuous improvement initiatives and mentor key personnel within governance functions. Ensure all policies, procedures, and controls are compliant with regulatory standards (NCSC, ISO 27001, NIST, CIS Controls). Identify, assess, and manage risks to project or organisational goals. Build alignment with executive stakeholders, board members, and external partners to ensure accountability and More ❯

e.g. AWS, Azure etc) network security, and secure software development. Incident management and alerts triage experience Experience in Microsoft Sentinel Strong understanding of security principles, technologies, and frameworks (e.g., NCSC guidance, ISO 27001, NIST). It is desirable that you have: Experience working with Django framework Good working knowledge of Query Languages (SQL, KQL (Kusto), etc.) How to apply As More ❯

GitOps-style setup. Ability to troubleshoot cloud-native applications, networking, and infrastructure issues. Exposure to hybrid cloud setups (e.g., on-prem integration or restricted networks) Awareness of enterprise controls (NCSC/Cyber Essentials, NIST, or similar frameworks) Understanding of cloud cost optimisation and FinOps practices Familiarity with supporting data/AI pipelines or platform integrations (e.g., Azure Data Factory, Databricks More ❯

and client environments What You'll Bring Strong experience in cyber strategy, risk management, governance, architecture, and regulatory compliance Familiarity with frameworks and standards such as NIST CSF, ISO27001, NCSC CAF, GDPR, and NIS2 Industry-recognised certifications (e.g. CISSP, CISM, CISA, M.Inst.ISP, or equivalent) Practical experience in GRC, threat and vulnerability management, or operational resilience Proven delivery across complex programmes More ❯

standards and establishing frameworks. Expertise in identifying security issues in existing system designs, including recommending mitigations that balance cost, risk and usability. Knowledge of security standards and regulations (e.g. NCSC, ISO, SOC, NIST, PCI, GDPR). Experience in application architecture, software development and/or infrastructure architecture. Experience in testing the security of software and infrastructure using appropriate security tools. More ❯

of cloud platforms such as AWS and Microsoft Azure, as well as Microsoft Entra ID and M365. Familiarity with frameworks such as NIST CSF, Cyber Assessment Framework (CAF), and NCSC Cloud Security Principles. Proven ability to influence stakeholders and support secure delivery in large, complex environments. Excellent communication skills and ability to collaborate with globally distributed teams. A degree in More ❯

effectiveness of NHS England's cyber security controls, processes, and systems. It supports informed assurance by: Evaluating control effectiveness through testing, validation, and review against defined security frameworks (e.g., NCSC CAF, ISO 27001, NIST). Conducting assurance reviews across systems, suppliers, and internal functions to identify risks, control gaps, and areas for improvement. Driving remediation by working with control owners More ❯

management processes Support vulnerability management, penetration testing, and incident response Requirements for this role: 3+ years' experience in a senior cyber security role Strong knowledge of security frameworks (NIST, NCSC, CIS, MITRE ATT&CK) Hands-on experience with security tools: SIEM, IDS/IPS, firewalls, endpoint protection Expertise in Azure security and securing cloud platforms A solid understanding of vulnerabilities More ❯

technical role Recent MOD experience Security related legislation (e.g. GDPR, PCI DSS, ICO requirements) Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8 HMG and NCSC security policies, standards and guidance Cloud security including Amazon Web Service offerings such as KMS, IAM and ECS Event-driven microservice architectures using native cloud technology Benefits: 25 days holiday More ❯

business risk models and associated material, in support of operational cyber security and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, NCSC CAF, NIS Directive, UK GovAssure) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Lead and deliver cyber security audits, risk reviews and control More ❯

Key Responsibilities Support cyber transformation projects, governance assessments, and maturity roadmaps Assist with cyber strategy documentation and recommendations for leadership teams Work across frameworks such as ISO27001, NIST CSF, NCSC CAF, GDPR, and NIS2 Contribute to reports, client workshops, presentations, and stakeholder engagement Develop knowledge of security concepts, risk appetite alignment, and digital resilience What We're Looking For Degree More ❯

archive, and XDR implementation. Embed governance and risk management practices across the programme. Develop and maintain security reference architectures and patterns. Align with national cyber frameworks such as the NCSC Cyber Assessment Framework (CAF). Drive secure-by-design principles across all technology workstreams. Collaborate with stakeholders to ensure effective incident response and business continuity planning. Collaborate with our Sales More ❯

minimum of 5 years. Full UK driving licence. Ability to obtain (or currently hold) SC or DV clearance - this is non-negotiable and is set by the NSCS (National Cyber Security Centre ) for all Check Members. Willingness to travel for client engagements or on-site support. Travel is within the United Kingdom. CCL is an equal opportunities employer and positively More ❯

explaining findings, and recommending remedial actions to stakeholders. Investigating security incidents. Promoting security awareness within project teams and the organization. Candidate requirements: HMG Security Policy Framework (SPF) familiarity and NCSC Information Assurance Portfolio knowledge gained through studies. Masters degree in Information, Cyber, or Systems Security, along with a strong Cyber/STEM background. Eligibility and willingness to obtain UK Security More ❯

solutions. Experience in identifying security issues in existing system designs or products, including recommending sensible mitigations that balance cost, risk and usability. Knowledge of security standards and regulations (e.g. NCSC, ISO, SoC, NIST, PCI, GDPR). Experience in application architecture, software development and/or infrastructure architecture. Experience testing the security of software and infrastructure using appropriate security tools. Experience More ❯

migrating from on-prem to cloud solutions. Strong analytical skills for complex technical issues. Proven ability in designing cyber security systems and governance. Familiar with tools and frameworks (e.g. NCSC, NIST, MITRE, GDPR, PCI DSS). Deep understanding of security controls (e.g. firewalls, SIEM, SOC, DLP). Proficient in leading and coordinating incident response. Effective at managing multiple priorities under More ❯

Essential Skills & Experience: Proven experience delivering secure architecture within complex, large-scale government or defence programmes. Deep knowledge of: Secure infrastructure and software solution design MOD security standards and NCSC design patterns Public and private cloud solutions using Software Defined Datacentre (SDDC) Secure cryptographic provisioning, PKI, ADFS, proxy services Defence Lines of Development and MOD Capability Integration Technical expertise across More ❯

Essential Skills & Experience: Proven experience delivering secure architecture within complex, large-scale government or defence programmes. Deep knowledge of: Secure infrastructure and software solution design MOD security standards and NCSC design patterns Public and private cloud solutions using Software Defined Datacentre (SDDC) Secure cryptographic provisioning, PKI, ADFS, proxy services Defence Lines of Development and MOD Capability Integration Technical expertise across More ❯

on secure cloud adoption, data protection, and architectural risk management Conduct security assessments, identifying risks and proposing effective mitigation strategies Ensure compliance with MOD policies, including JSP 440, and NCSC cloud security principles Work closely with delivery teams, architects, and senior stakeholders to embed security throughout the solution lifecycle Support security assurance and accreditation activities for cloud-based systems Essential More ❯

in an embedded environment. Desirable: INCOSE recognition ASEP or CSEP Experience working as a technical Subject Matter Expert (SME) and developing new areas of expertise as and when required. NCSC security processes and familiar with deliver of associated security artefacts. Role requirements Has attained SC clearance Able to travel within UK Clean driving license Willing and able to obtain, and More ❯

They are driven to help protect organisations against the rising threat of cyber-attacks in an ever-evolving digital world. The have become a known Microsoft Security Partner with NCSC status as well as several prestigious awards to their name. More importantly, they are a people focused organisation who recognise their success is all down to the employees who make More ❯