17 of 17 Permanent NCSC Jobs in the South East

gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM (or working towards CIISEC/UK Cyber More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers More ❯

scripting languages such as PowerShell, YAML, or JSON Knowledge of application security tools, threat modelling, and risk assessments Familiarity with standards/frameworks such as OWASP, NIST SSDF, ISO27001, NCSC Experience guiding engineering teams and influencing security culture Excellent communication skills, able to engage confidently with developers and senior leadership Why join them? You'll be part of a forward More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

in this role Exceptional planning and communication skills are key for this role, and you’ll have a knowledge of security standards and processes such as ISO 27001 standards, (NCSC) CAF, Cyber Essentials, NIST and Cyber Essentials/Plus. We’ll also look for your experience in: Developing cyber policy and procedures Data protection and privacy Security change management Understanding More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

driving innovation and resilience in highly sensitive, classified environments. Key Responsibilities Develop and lead a comprehensive enterprise architecture strategy aligned with MOD's Digital Strategy, Defence Digital objectives, and NCSC guidelines. Design secure, scalable architectures for classified systems, including STRAP-level environments, adhering to JSP 440/604 policies. Oversee the integration of emerging technologies (e.g., AI/ML, secure … Forces Command, Defence Digital) on architecture roadmaps and solutions. Mentor and build high-performing architecture teams to support long-term MOD objectives. Stay ahead of global tech trends, leveraging NCSC and GCHQ insights to future-proof MOD architectures. What We are Looking For Active DV or eDV clearance (essential; must be current and verifiable). 10+ years in senior IT … or equivalent). Deep expertise in secure cloud platforms (AWS, Azure, GovCloud), zero-trust architecture, AI integration, and DevSecOps. Strong knowledge of MOD frameworks (e.g., JSP 440/604, NCSC guidelines, MODAF, TOGAF). Professional certifications (e.g., TOGAF 9.2, CISSP, AWS Solutions Architect, ITIL) highly desirable. Exceptional strategic thinking and stakeholder engagement skills, with experience briefing military leadership and senior More ❯

driving innovation and resilience in highly sensitive, classified environments. Key Responsibilities Develop and lead a comprehensive enterprise architecture strategy aligned with MOD's Digital Strategy, Defence Digital objectives, and NCSC guidelines. Design secure, scalable architectures for classified systems, including STRAP-level environments, adhering to JSP 440/604 policies. Oversee the integration of emerging technologies (e.g., AI/ML, secure … Forces Command, Defence Digital) on architecture roadmaps and solutions. Mentor and build high-performing architecture teams to support long-term MOD objectives. Stay ahead of global tech trends, leveraging NCSC and GCHQ insights to future-proof MOD architectures. What We are Looking For Active DV or eDV clearance (essential; must be current and verifiable). 10+ years in senior IT … or equivalent). Deep expertise in secure cloud platforms (AWS, Azure, GovCloud), zero-trust architecture, AI integration, and DevSecOps. Strong knowledge of MOD frameworks (e.g., JSP 440/604, NCSC guidelines, MODAF, TOGAF). Professional certifications (e.g., TOGAF 9.2, CISSP, AWS Solutions Architect, ITIL) highly desirable. Exceptional strategic thinking and stakeholder engagement skills, with experience briefing military leadership and senior More ❯

Work closely with MOD stakeholders to understand requirements, translate them into architectural solutions, and ensure delivery aligns with their long term cloud roadmap. • Security & Compliance: Embed best practices—covering NCSC principles, government standards, and regulatory requirements—into all designs and transition plans. Required qualifications to be successful in this role • Cloud Expertise: Deep knowledge of private cloud platforms and public … Defence cloud delivery, with 3+ years as lead architect for legacy to cloud migrations. • Certifications: Cloud Architect Expert certification in at least one major platform. • Government Frameworks: Familiarity with NCSC Cloud Security Principles, Technology Code of Practice, G Cloud, Digital Service Standards, or similar. Why CGI? • Shape the UK’s Defence cloud transformation strategy • Work on high classification, mission critical More ❯

security assurance frameworks. Experience engaging with customers during audits and RFP/RFI processes, showcasing security-driven solutions. Familiarity with regulatory frameworks such as NIST CSF, GDPR, and UK NCSC guidance. Experience liaising with external auditors and certification bodies. Skills: Exceptional documentation and evidence collection capabilities. Strong communication skills to articulate technical assurance challenges to leadership and customers. Analytical and … maintaincertifications such as ISO/IEC 27001, SOC 2 Type II, Cyber Essentials Plus, and CREST accreditation. Manage sector-specific frameworks, like PCI DSS for payment card data and NCSC CIR/CHECK for secure operations. Proactively identify compliance gaps and ensure certifications are renewed on schedule. Assurance for SOC Operations: Embed certification requirements into SOC processes and everyday governance. More ❯

Conditions are met. This will involve liaising and co-ordinating with security authorities including Ministry of Defence Police (MDP), the Defence Nuclear Organisation (DNO), the National Cyber Security Centre (NCSC) and the UK Security & Vetting provider (UKSV).The Security Director will identify, develop, implement and maintain security processes, practices, and policies throughout AWE to reduce risks, respond to incidents and More ❯

governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for internal and external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR/CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance … Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities, including audits, RFIs, and RFPs In-depth knowledge of NIST CSF, GDPR, and UK NCSC guidance Experience liaising with external auditors, regulators, and certification bodies Strong ability to develop and maintain compliance documentation and audit evidence Proven organisational skills managing multiple certifications and assurance projects More ❯