19 of 19 Permanent NCSC Jobs in the South East

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

. Proven experience in shaping technical strategy and leading architecture teams. Deep understanding of secure cloud design, zero trust models, and compliance frameworks such as NIST, DISA STIGs, and NCSC best practice. Expertise in Infrastructure as Code, containerisation (Kubernetes, OpenShift), and automation for secure cloud deployments. Strong knowledge of networking, encryption, IAM, and DevSecOps principles. Excellent stakeholder management, communication, and More ❯

/CD) Familiarity with scripting languages like PowerShell, YAML, JSON Hands-on with application security tools and DevSecOps processes Understanding of frameworks and standards like OWASP, NIST SSDF, ISO27001, NCSC Experience with threat modelling, risk assessments, and secure design reviews Confident owning security strategy and tooling across complex product landscapes A strong communicator - able to engage with engineers and execs More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

security direction, and shaping service offerings. Key responsibilities: Deliver advanced security consultancy across Azure and AWS. Conduct posture assessments, gap analyses, and configuration reviews. Design secure architectures aligned with NCSC, CIS, and ISO 27001. Advise on governance, compliance (ISO 27001, Cyber Essentials Plus, NIST). Collaborate with SOC and engineering teams to strengthen detection and identity controls. You’ll need More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯

Coordinate crypto change windows (key loads/rollovers), support incident response related to crypto assets, and drive continuous improvement of crypto processes. Ensure that Key Material is ordered from NCSC/MoD and delivered/installed in a timely manner, avoiding any lapse of service (or derogation requests). Regular status review calls with our Crypto stakeholders (internal and external More ❯

/365 breach response line; initiating and leading CMT calls; appointing IT forensics firms; engaging PR consultants; advising on notification obligations; notifying and liaising with criminal authorities (e.g. NCA, NCSC); project managing the incident response; appointing foreign counsel and coordinating multi-jurisdictional incidents; engaging credit monitoring and notification service providers; applying for injunctions; and submitting takedown requests. Regulatory: managing regulatory More ❯

than 25 countries. Every day, we work across time zones, cultures, and languages to protect clients that range from household brands to nationally significant infrastructure.We’re one of the NCSC CIR-enhanced capabilities in the UK (https://schemes/cyber-incident-response/information-for-buyers), meaning our team is trusted to respond to the nation’s most More ❯

team, you will be able to demonstrate a knowledge of the following: Developing and deploying Cross Domain Solutions, including their design, use, testing and assurance. Sound understanding of the NCSC patterns and guidance for safely importing and exporting data. Ability to assess the product marketplace for products which meet requirements of the functional components of the solution. Ability to convey More ❯

in an embedded environment. Desirable: INCOSE recognition ASEP or CSEP Experience working as a technical Subject Matter Expert (SME) and developing new areas of expertise as and when required. NCSC security processes and familiar with deliver of associated security artefacts. Role requirements Has attained SC clearance Able to travel within UK Clean driving license Willing and able to obtain, and More ❯

security best practices and compliance frameworks. Ability to diagnose and resolve complex technical issues. PowerShell or similar scripting experience. Desirable Experience in government or secure environments. Familiarity with CIS, NCSC, or similar security standards. Understanding of Zero Trust concepts. More ❯

demonstrable expertise in: Cloud platforms (e.g., AWS GovCloud, Azure Government, Google Cloud Platform Assured Workloads, private clouds). Security frameworks and compliance standards relevant to defenceand national security (e.g., NCSC best practices, NIST 800-53, DISA STIGs, SOC 2, ISO 27001). Secure cloud architecture patterns (e.zero trust, micro-segmentation, data loss prevention, encryption at rest and in transit). … contributions, demonstrating the ability to articulate complex technical solutions to clients and secure new business. Deep understanding of security frameworks and compliance standards relevant to defenceand national security (e.g., NCSC patterns, NIST 800-53, DISA STIGs). Technical Skills Expert-level knowledge of major cloud platforms (e.g.AWS, Azure, GCP) and their services, particularly in their government or secure offerings (e.g. More ❯

processes, techniques and technology trends. Experience of DOORS, UML, Enterprise Architect and SysML. Desirable: INCOSE recognition ASEP or CSEP Experience working as a technical Subject Matter Expert (SME). NCSC security processes and familiar with deliver of associated security artefacts. More ❯

processes, techniques and technology trends. Experience of DOORS, UML, Enterprise Architect and SysML. Desirable: INCOSE recognition ASEP or CSEP Experience working as a technical Subject Matter Expert (SME). NCSC security processes and familiar with deliver of associated security artefacts. More ❯

policy. Delivery Assurance : Embed security governance into acquisition programme milestones, ensuring traceability and accountability across all phases. Stakeholder Coordination : Act as the governance interface between DE&S, Defence Digital, NCSC, and industry partners. Risk & Compliance Oversight : Lead the identification, assessment, and mitigation of security risks across delivery workstreams. Policy Integration : Ensure alignment with JSP 440, JSP 604, and relevant Defence … Digital and NCSC guidance. Reporting & Assurance : Produce governance artefacts, assurance reports, and dashboards for senior stakeholders and programme boards. Audit & Accreditation Support : Facilitate security accreditation processes and support internal/external audits. Essential Skills & Experience Proven experience in security governance within MOD or UK Government programmes. Strong understanding of Secure by Design , Defence Digital frameworks , and MOD acquisition processes. Familiarity More ❯

Framework (SPFx) components. Establish lists, libraries, and content types to support business processes and governance requirements. Implement secure access and permissions models in line with organizational and MOD/NCSC policies. Integrate SharePoint with other enterprise systems (e.g. ServiceNow, Power BI, Azure, and legacy systems). Customise the SharePoint user experience through modern UI design, scripting (JavaScript/TypeScript), and … documentation, including technical designs and release notes. It would be great if you had: Experience working within secure environments (MOD, Defence, Government). Knowledge of security accreditation processes or NCSC guidelines. Experience in migration tools (ShareGate, Metalogix, etc.). Understanding of CI/CD pipelines for SharePoint. If you are interested in this role but not sure if your skills More ❯

to a position of mature cyber security & resilience, sometimes from a starting point of minimal security maturity. Supporting clients to implement frameworks, standards, and guidance, including ISA/IEC62443, NCSC CAF, NIST SP 800-82, ISO 27001, HSE OG86. Helping clients to understand their attack vectors that could be exploitable by threats. Designing secure OT network architectures and perimeter defences. … and approaches within OT environments. Understanding of the different priorities of cyber security in OT & IT. Knowledge of cyber security frameworks, including but not limited to ISA/IEC62443, NCSC CAF, NIST SP 800-82, HSE OG86, ISO 27001. Awareness and understanding of the OT security threat landscape. Ability to understand and articulate the impacts of cyber security events in More ❯