19 of 19 Contract NCSC Jobs in the UK

Docker. Strengthen security controls across VMware, Hyper-V, and cloud-native virtualisation. Produce high-quality architectural artefacts, including HLDs and security patterns, aligned with NCSC guidance and industry standards. Conduct security assessments, threat modelling, and validate platform configurations for compliance and risk. Embed security controls within CI/CD pipelines ...

Cleared Security Architect for an existing programme of work in the defence sector. Role/Requirements Assuring secure system architectures aligned to NCSC principles, JSP 440, JSP 604, and MOD security patterns. Inputting into High-Level Designs (HLDs) and Low-Level Designs (LLDs) with explicit security controls. Conducting threat modelling ...

level technical designs. Experience of requirements management and the ownership of requirements. Working knowledge of auditing and security products configuration. A comprehensive understanding of NCSC, GDS, CIS, Cyber Essentials, and NIST IT security principles, along with experience in UK government technology strategies and policies. Worked in a Matrix organisation structure. ...

with the development of infrastructure as code using Terraform or Bicep. A strong understanding of cloud security principles and Zero Trust architectures. Familiarity with NCSC, GDS, and UK government security frameworks-such as Secure by Design, Cloud Security Principles, and Government Functional Standards. Desirable Qualifications: Microsoft Azure Fundamentals ...

especially in supply chain risk. Proven experience managing risk governance across multiple technology domains at enterprise level. Familiarity with risk tools aligned to the NCSC Cyber Assessment Framework (CAF) and secure-by-design practices. Experience improving controls relating to human risk factors. Strong background in developing cyber security policies, guidance ...

related environment * Knowledge of UK MOD security standards (Def Stan 05-138, Cyber Security Model) and UK government standards (Cyber Essentials, NCSC principles) * Familiarity with risk assessment standards (IS1, NIST SP800-30) * Effective communicator with stakeholder engagement skills * Proficiency with Microsoft Office tools Desirable: * Knowledge of ISO27001, CMMC, NIST Cyber ...

East. Working in an SC Security Cleared environment, You will hold current SC Clearance or DV (Developed Vetting) Skills required: CSTL or CSTM-essential (NCSC) Previous experience of penetration testing public sector or critical national infrastructure (CNI) systems and networks. Azure,AWS On-prem Infrastructure Containers,Kubernetes Excellent communication skills ...

frameworks such as NIST RMF/CSF What We're Looking For Experience in cyber security engineering, architecture, or assurance Strong knowledge of JSP440, NCSC guidance, or Secure by Design (SbD) Experience with risk assessment, accreditation, and security controls Familiarity with NIST frameworks Background in defence, government, or secure environments ...

Secure by Design principles and IT security documentation, including policies, standards, processes, procedures, and patterns. Demonstrable knowledge of cybersecurity frameworks and standards, including the NCSC Cyber Assessment Framework, ISO 27001, NIST, COBIT, as well as SABSA and TOGAF. To apply, please submit your latest CV for review. ...

manage enterprise endpoint security/EDR platforms (e.g. Trellix or equivalent) Implement security hardening, patching, and vulnerability remediation aligned to industry standards (e.g. CIS, NCSC) Manage and optimise Windows Server and Active Directory environments to ensure performance, stability, and security Collaborate with architects and technical stakeholders to deliver secure, scalable ...

feedback to architects and engineers Define, explain, and advocate baseline security control sets across programmes and projects Ensure designs align with recognised frameworks including NCSC CAF, NCSC CSF, NIST CSF, and NIST SP 800-53 Provide security design assurance across: Network modernisation Identity modernisation Cloud adoption and migration (AWS preferred … High level design) or LLD (low level design)and provide security feedback Understand, explain and able to advocate baseline control sets Understanding of NCSC CSF and 800-53, NCSC CAF Experience of one or more of security elements of Network modernisation, Identity modernisation, cloud adaption (AWS) and migration, or CICD ...

penetration testing activities. Excellent stakeholder management and communication skills. Desirable Experience: Experience with SAP GRC Access Control or similar GRC tools. Working knowledge of NCSC guidance for enterprise and application security. Experience delivering SAP security within UK Government or highly regulated environments. Security and Eligibility Requirements: Security Check (SC) clearance ...

technical authority for SharePoint across multiple defence projects. Work closely with security, architecture and project teams to ensure solutions meet MOD and NCSC standards. Develop and maintain document management solutions, workflows, automation and governance frameworks. Support migrations, upgrades and integration activities across complex, secure environments. Provide expert guidance to stakeholders ...

technical authority for SharePoint across multiple defence projects. Work closely with security, architecture and project teams to ensure solutions meet MOD and NCSC standards. Develop and maintain document management solutions, workflows, automation and governance frameworks. Support migrations, upgrades and integration activities across complex, secure environments. Provide expert guidance to stakeholders ...

point of escalation for security incidents and access queries. Experience with GRC tools (SAP GRC Access Control preferred) and a working knowledge of NCSC guidance for enterprise security will be advantageous. Due to the sensitive nature of this UK Government programme, SC clearance is required; active SC clearance is highly ...

Number of Direct/Indirect Reports Direct employees: n/a Budget Other Main Interfaces External: UK Government bodies including - NPSA, OFGEM, NaCTSO, DESNZ, NCSC, Home Office. UK Police Forces Energy sector partners and utilities including the National Infrastructure Crime Reduction Partnership (NICRP) Wider UK industry and security community Internal ...

Cyber Security Model, Secure By Design, Industry Security Notices Strong familiarity with UK Government security standards such as 007/SPF, NCSC Cloud Security Principles, NCSC Principles for Using Software as a Service (SaaS) securely, Cyber Essentials, and the CHECK penetration testing scheme Broad familiarity with UK Government physical ...

ideal candidate will be Degree qualified in Information/Cyber Security, IT, Engineering, Mathematics, or Science and or Chartered Cyber Security Professional, ex-NCSC Certified Cyber Professional or ex-CLAS.. Knowledge: Essential: Experience of MOD policy in JSP440 and knowledge of NCSC guidance. Experience of working on MoD Secure ...

status across all IT controls Conduct regular access and identity reviews; enforce multi-tenant data isolation and least-privilege principles Support audit readiness against NCSC Cyber Assessment Framework (CAF), CSA CAIQ, NIST, and our roadmap towards SOC 2 Establish and track quantifiable technical baselines - encryption coverage, log retention, API compliance … team Person Specification Broad exposure to IT operations, DevOps principles, or a related technical discipline. Familiarity with one or more governance frameworks (ISO 27001, NCSC CAF, NIST, SOC 2 or similar) - you do not need to be an expert in all of them Process-driven mindset - able to translate policy ...