1 to 25 of 56 Permanent NCSC Jobs in England

/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain More ❯

gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM (or working towards CIISEC/UK Cyber More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

base on their severity and business impact. Leading the design, assurance, and continuous improvement of security systems and tooling, ensuring alignment with national cyber standards and best practices (e.g. NCSC, ISO 27001, NIST). Collaborating with architects, risk owners, and delivery teams to embed secure design principles and ensure the security operations centre (SOC) is equipped to handle emerging threats More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

ll Bring: Experience delivering cyber strategy, transformation or governance projects in the public sector, defence or critical national infrastructure. Knowledge of cyber security frameworks such as NIST CSF, ISO27001, NCSC CAF, CRI 2.0, GDPR or NIS2. Strong consulting skills including stakeholder engagement, project delivery, and team management. Excellent written and verbal communication skills - confident in front of technical and senior More ❯

cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board More ❯

cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board More ❯

cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board More ❯

cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board More ❯

cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board More ❯

cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board More ❯

cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board More ❯

and analytical solutions Working knowledge of cloud orchestration and containerisation technologies, such as Docker and Kubernetes Working knowledge of DevOps, CI/CD and Infrastructure-as-Code Understanding of NCSC Cloud Security Principles and its practical implementations Aker Systems Attributes At Aker we work as a team, we are collaborative, hardworking, open, and delivery obsessed. There is no blame culture More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers More ❯

secure architectures, incorporating identity, access management, encryption, and network security. Conduct cloud security assessments and gap analyses for UK-based organisations. Advise on compliance with UK regulations (e.g. GDPR, NCSC Cloud Security Principles, ISO 27001). Develop and enforce cloud security policies, procedures, and governance models. Lead threat modelling, risk assessments, and vulnerability management initiatives. Configure and manage security tools More ❯

conditional access policies. Familiarity with common regulatory and compliance frameworks (e.g.NIST, CIS Controls, ISO 27001, Cyber Essentials Plus). Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines. Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms. Understanding of data classification, encryption, and secure storage/access More ❯

scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able to engage confidently with developers and senior leadership Why join them? You'll be part of a forward More ❯

scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able to engage confidently with developers and senior leadership Why join them? You'll be part of a forward More ❯