1 to 25 of 103 Permanent NCSC Jobs in the UK

/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

and analytical solutions Working knowledge of cloud orchestration and containerisation technologies, such as Docker and Kubernetes Working knowledge of DevOps, CI/CD and Infrastructure-as-Code Understanding of NCSC Cloud Security Principles and its practical implementations Aker Systems Attributes At Aker we work as a team, we are collaborative, hardworking, open, and delivery obsessed. There is no blame culture More ❯

. Proven experience in shaping technical strategy and leading architecture teams. Deep understanding of secure cloud design, zero trust models, and compliance frameworks such as NIST, DISA STIGs, and NCSC best practice. Expertise in Infrastructure as Code, containerisation (Kubernetes, OpenShift), and automation for secure cloud deployments. Strong knowledge of networking, encryption, IAM, and DevSecOps principles. Excellent stakeholder management, communication, and More ❯

/CD) Familiarity with scripting languages like PowerShell, YAML, JSON Hands-on with application security tools and DevSecOps processes Understanding of frameworks and standards like OWASP, NIST SSDF, ISO27001, NCSC Experience with threat modelling, risk assessments, and secure design reviews Confident owning security strategy and tooling across complex product landscapes A strong communicator - able to engage with engineers and execs More ❯

/CD) Familiarity with scripting languages like PowerShell, YAML, JSON Hands-on with application security tools and DevSecOps processes Understanding of frameworks and standards like OWASP, NIST SSDF, ISO27001, NCSC Experience with threat modelling, risk assessments, and secure design reviews Confident owning security strategy and tooling across complex product landscapes A strong communicator - able to engage with engineers and execs More ❯

IL3/IL4/IL5, SCIF, air-gapped systems). Deep knowledge of: MOD and NATO security policies (JSPs, DEFCONs, STANAGs), NIST, CIS, ISO/IEC 27001 frameworks, UK NCSC principles and secure-by-design methodologies. Competent with cross-border IT operations, including data sovereignty, dual-use controls, and export classification. Strong track record of leading infrastructure, IT operations, and More ❯

SOC environments. Hands-on experience with Azure Security Center, Microsoft Sentinel, Defender ATP, M365 Security & Compliance, and KQL scripting. Knowledge of frameworks such as MITRE ATT&CK, NIST, CIS, NCSC, and Security Scorecard. Understanding of network security systems (Zscaler, Darktrace, Firewalls, NAC, VPN, wireless, segmentation). Strong grasp of cloud computing (IaaS/PaaS/SaaS), authentication (AAD, Managed Identity More ❯

framework , MOD digital services, or Defence data standards Infrastructure as Code - Terraform or Ansible Experience with MODCloud, AWS, or Azure Testing frameworks: Jest, Mocha, Supertest Familiarity with JSP 440 , NCSC Secure Coding Guidelines , or Defence Digital standards Security Clearance Active SC clearance is mandatory . Candidates eligible for DV clearance will be prioritised for longer-term roles. Reasonable Adjustments: Respect More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

development lifecycle. Lead and mentor a small team of Cyber Security Engineers . Design and deliver secure cloud architectures and solutions. Ensure compliance with key security standards and regulations (NCSC, ISO, NIST, GDPR, etc.). Support Continuous Security, CI/CD, and DevSecOps processes. Key Requirements: Proven experience designing and implementing secure cloud solutions. Strong understanding of application and infrastructure More ❯

communicate with senior stakeholders Familiarity with TOGAF or equivalent frameworks Ideally previous experience delivering into Central Government Essential: CISSP, CISM, or similar industry-recognised certification Desirable: CIISec Full Membership, NCSC CCP (Security Architecture), or relevant Chartership Why Join Work on impactful programmes securing critical national services Clear professional development pathways with support for certifications Flexible hybrid working and a supportive More ❯

security direction, and shaping service offerings. Key responsibilities: Deliver advanced security consultancy across Azure and AWS. Conduct posture assessments, gap analyses, and configuration reviews. Design secure architectures aligned with NCSC, CIS, and ISO 27001. Advise on governance, compliance (ISO 27001, Cyber Essentials Plus, NIST). Collaborate with SOC and engineering teams to strengthen detection and identity controls. You’ll need More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯