security controls. Ensure solutions comply with 'Secure by Design' principles, corporate policies, and industry frameworks. Assess vulnerabilities, lead risk mitigation, and ensure compliance with industry standards (ISO 27001, NIST, NCSC). Contribute to security design documentation, options papers, and client presentations. Collaborate across 1st, 2nd, and 3rd lines of defense on cyber risk, compliance, and governance. Create and present design
base on their severity and business impact. Leading the design, assurance, and continuous improvement of security systems and tooling, ensuring alignment with national cyber standards and best practices (e.g. NCSC, ISO 27001, NIST). Collaborating with architects, risk owners, and delivery teams to embed secure design principles and ensure the security operations centre (SOC) is equipped to handle emerging threats
Council professional registration (e.g. Chartered, Principal, Practitioner). Experience with HMG/MoD security standards, policies, and frameworks. Exposure to Secure by Design principles and assurance tooling. Knowledge of NCSC CAF, ISO 27001 audits, NIST frameworks, and supplier assurance. Experience working in defence, government, or regulated industries. Additional Requirements Eligible for UK security clearance (SC or DV preferred). UK
Bristol, Avon, England, United Kingdom Hybrid / WFH Options
Sanderson
Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principles within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding
Governance, Risk, and Compliance Ideally, You'll Also Have: Security-related qualifications such as CISSP, CISM, CISMP, ISO27001 lead implementer or auditor, MBCI, or IAPP. Experience operating within an NCSC Assured Cyber Consultancy. Understanding of the cybersecurity regulatory landscape and assessment frameworks (e.g., NIS2, NIST CSF). Key delivery experience in cybersecurity strategy, transformation, and compliance. Sector experience in Government
cyber leaders Ideal Background Proven experience in cyber strategy, transformation, and risk management within complex organisations Strong knowledge of regulatory and security frameworks (e.g. NIST CSF, ISO27001, GDPR, NIS2, NCSC CAF) Experience across areas such as GRC, security architecture, threat management, or vulnerability management Outstanding communication and stakeholder engagement skills, with the ability to influence at C-suite and board
Bristol, Avon, South West, United Kingdom Hybrid / WFH Options
Sanderson Government and Defence
Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principles within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding
Greater Bristol Area, United Kingdom Hybrid / WFH Options
Logiq
security certification. Desirable Full Membership of the Chartered Institute of Information Security (CIISec) - highly desirable. Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. NCSC Certified Cyber Professional in Security Architecture. IEng or CEng registered with UK Engineering body. Chartership through the British Computer Society. SABSA Chartered Security Architect Other information: Logiq is committed to
newport, wales, united kingdom Hybrid / WFH Options
Logiq
security certification. Desirable Full Membership of the Chartered Institute of Information Security (CIISec) - highly desirable. Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. NCSC Certified Cyber Professional in Security Architecture. IEng or CEng registered with UK Engineering body. Chartership through the British Computer Society. SABSA Chartered Security Architect Other information: Logiq is committed to
bath, south west england, united kingdom Hybrid / WFH Options
Logiq
security certification. Desirable Full Membership of the Chartered Institute of Information Security (CIISec) - highly desirable. Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. NCSC Certified Cyber Professional in Security Architecture. IEng or CEng registered with UK Engineering body. Chartership through the British Computer Society. SABSA Chartered Security Architect Other information: Logiq is committed to
bradley stoke, south west england, united kingdom Hybrid / WFH Options
Logiq
security certification. Desirable Full Membership of the Chartered Institute of Information Security (CIISec) - highly desirable. Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. NCSC Certified Cyber Professional in Security Architecture. IEng or CEng registered with UK Engineering body. Chartership through the British Computer Society. SABSA Chartered Security Architect Other information: Logiq is committed to
business risk models and associated material, in support of operational cybersecurity and business planning activity across a range of different domains or sectors against recognised standards (e.g. ISO27001, NCSC CAF, NIS Directive, UK GovAssure) Identify mitigations for cyber risk in a given business or operational scenario and threat environment Lead and deliver cybersecurity audits, risk reviews and control
West Midlands Ambulance Service University NHS Foundation Trust
delivery of Trust Services. Conduct vulnerability assessments and other associated activities as appropriate within the Trust to identify, remediate and mitigate risks to the Trust. Liaise with NHS England, NCSC and other relevant bodies as required ensuring IT Security advisories, directives and notifications are actioned and logged. This includes but is not limited to CareCERT, CiSP, vendor and other specialist
Market Harborough, Leicestershire, East Midlands, United Kingdom Hybrid / WFH Options
4C Resourcing
you'll be doing Lead and deliver client engagements across governance, risk and compliance (GRC), including audits, assessments and improvement plans aligned to frameworks such as ISO/IEC 27001, NCSC CAF, and PCI DSS. Lead independent assurance, review and test security policies, procedures and controls; identify gaps; and recommend pragmatic remediation strategies. Develop and present security strategies that enhance resilience
Newport, Gwent, Wales, United Kingdom Hybrid / WFH Options
Intellectual Property Office
duties consist of but are not limited to: Ensure security architecture aligns with wider Gov security policies and frameworks, legal frameworks, industry regulations and best practice (e.g. ISO 27001, NCSC Standards, GDPR, PCI DSS, GovAssure, Secure by Design). Support the secure by design champion in building awareness and understanding of secure by design framework across DDaT. Manage the security
a sole UK National. Desirable Skills: To support the requirements of this role an awareness of national and international standards including the ISO27000 family, along with familiarity with recent NCSC guidance would be helpful. Knowledge and experience of using a suitable maturity model to develop the SOC, and the subsequent implementation of an agreed standard to improve this maturity where
migrating from on-prem to cloud solutions. Strong analytical skills for complex technical issues. Proven ability in designing cybersecurity systems and governance. Familiar with tools and frameworks (e.g. NCSC, NIST, MITRE, GDPR, PCI DSS). Deep understanding of security controls (e.g. firewalls, SIEM, SOC, DLP). Proficient in leading and coordinating incident response. Effective at managing multiple priorities under
embed cyber risk Improve processes, tools, and methodologies What we're looking for Strong knowledge of cyber risk and enterprise risk registers Familiarity with frameworks like NIST, ISO 27001 or NCSC CAF Confident presenting to technical and exec audiences Skilled with reporting tools (Excel, Power BI, GRC platforms) Organised, proactive, and a clear communicator What's on offer 30 days holiday plus
programmes, shaping national resilience, and influencing board level decision making. You will lead a cybersecurity technical team who deliver risk based assurance across systems and third parties, using NCSC aligned frameworks. This position requires a technically sharp leader with deep experience in cyber risk, security architecture and up to the minute awareness, who can also engage stakeholders at the