an understanding of Government Functional Standards e.g. GovS 007. • Knowledge of security control (and maturity) frameworks e.g. NIST (e.g. CSMA, CSF), CIS, ISO 27000 series, CSA Cloud Controls Matrix, NCSC CAF, and an understanding of the types and functions of security controls. • An understanding of hypothetical attack paths, familiarity with NIST CSF tools and able to use it for gap … analysis. • Understands Data Flow Diagrams (DFD) and trust boundaries and is able to create one using information provided about an environment. • Familiar with the functions of relevant authorities e.g. NCSC, NPSA. • An understanding of Vulnerability Management, Red Teaming, and Breach and Attack Simulation or experience of working within an Active Defence discipline. Experience looking for: • All internal based projects. Backlog
Farnborough, Hampshire, South East, United Kingdom Hybrid / WFH Options
Sanderson Government and Defence
policy. Delivery Assurance: Embed security governance into acquisition programme milestones, ensuring traceability and accountability across all phases. Stakeholder Coordination: Act as the governance interface between DE&S, Defence Digital, NCSC, and industry partners. Risk & Compliance Oversight: Lead the identification, assessment, and mitigation of security risks across delivery workstreams. Policy Integration: Ensure alignment with JSP 440, JSP 604, and relevant Defence … Digital and NCSC guidance. Reporting & Assurance: Produce governance artefacts, assurance reports, and dashboards for senior stakeholders and programme boards. Audit & Accreditation Support: Facilitate security accreditation processes and support internal/external audits. Essential Skills & Experience Proven experience in security governance within MOD or UK Government programmes. Strong understanding of Secure by Design, Defence Digital frameworks, and MOD acquisition processes. Familiarity
attacks and espionage. At GCHQ you'll do varied and fascinating work in a supportive and inclusive environment that puts the emphasis on teamwork. The National Cyber Security Centre (NCSC), part of GCHQ, is the UK Government's lead authority on cyber security. The organisation is at the heart of the Government's cybersecurity strategy and has the aim … of making the UK the safest place to live and work online. The NCSC collaborates with partners across defence, industry and the broader intelligence community to support our work. We're currently looking for Lead and Senior Cyber Security Experts to join our team at the NCSC. In this role, you'll work alongside technical specialists who explore the core … meaningful outcomes. Understanding how technical decisions affect both individuals and organisations is central to the way we approach problem-solving. GCHQ competencies As part of the selection process, the NCSC will assess you using competencies aligned with those used across the UK Intelligence Community. These are closely based on the Civil Service Behaviours, so if you're familiar with those
an understanding of Government Functional Standards e.g. GovS 007. Knowledge of security control (and maturity) frameworks e.g. NIST (e.g. CSMA, CSF), CIS, ISO 27000 series, CSA Cloud Controls Matrix, NCSC CAF, and an understanding of the types and functions of security controls. An understanding of hypothetical attack paths, familiarity with NIST CSF tools and able to use it for gap … analysis. Understands Data Flow Diagrams (DFD) and trust boundaries and is able to create one using information provided about an environment. Familiar with the functions of relevant authorities e.g. NCSC, NPSA. An understanding of Vulnerability Management, Red Teaming, and Breach and Attack Simulation or experience of working within an Active Defence discipline. Security Requirements: SC This role will require you
L33, Knowsley, Merseyside, United Kingdom Hybrid / WFH Options
Curveball Solutions
Microsoft 365 security—leveraging Purview, Conditional Access, MFA—to safeguard modern workplaces. Ensure compliance with GDPR (DPA 2018), Cyber Essentials (Basic & Plus), and ISO 27001, supported by frameworks like NCSC and NIST. Operate around cybersecurity fundamentals: CIA (Confidentiality, Integrity, Availability), proactive threat prevention, and rapid incident response About You You’re naturally aligned with MSP-style work, deeply familiar with … designing and delivering compliance aligned services across GDPR, Cyber Essentials, ISO 27001. Proficient in using Microsoft 365 security stack: Purview, Defender, Conditional Access, MFA. Fluent in cybersecurity frameworks (CIA, NCSC, NIST) and modern threat prevention approaches. Why Curveball Make a real impact: You’ll lead the cybersecurity footprint across clients and services. True partnership: We treat clients like collaborators, not
Liverpool, Merseyside, North West, United Kingdom Hybrid / WFH Options
Curveball Solutions
value. Enhance Microsoft 365 security (leveraging Purview, Conditional Access, MFA) to safeguard modern workplaces. Ensure compliance with GDPR (DPA 2018), Cyber Essentials (Basic & Plus), and ISO 27001, supported by frameworks like NCSC and NIST. Operate around cybersecurity fundamentals: CIA (Confidentiality, Integrity, Availability), proactive threat prevention, and rapid incident response About You You're naturally aligned with MSP-style work, deeply familiar with … designing and delivering compliance aligned services across GDPR, Cyber Essentials, ISO 27001. Proficient in using Microsoft 365 security stack: Purview, Defender, Conditional Access, MFA. Fluent in cybersecurity frameworks (CIA, NCSC, NIST) and modern threat prevention approaches. Why Curveball Make a real impact: You'll lead the cybersecurity footprint across clients and services. True partnership: We treat clients like collaborators, not
of pen testing procedures, including reporting, triaging, and devising remediation plans. MOD Knowledge: Familiarity with Ministry of Defence (MOD) protocols and requirements. NCSC Guidance: Expertise in applying NCSC (National Cyber Security Centre) guidance effectively. Desirable Skills Security Architecture Expertise: Experience in designing and implementing security architectures is highly valued. Role: Up to £75,000 per annum 25 days holidays
Computer Futures - London & S.E(Permanent and Contract)
of pen testing procedures, including reporting, triaging, and devising remediation plans. MOD Knowledge: Familiarity with Ministry of Defence (MOD) protocols - JSP453. NCSC Guidance: Expertise in applying NCSC (National Cyber Security Centre) guidance effectively. Desirable Skills Security Architecture Expertise: Experience in designing and implementing security architectures is highly valued. Role: Up to £75,000 per annum 25 days holidays
of pen testing procedures, including reporting, triaging, and devising remediation plans. MOD Knowledge: Familiarity with Ministry of Defence (MOD) protocols and requirements. NCSC Guidance: Expertise in applying NCSC (National Cyber Security Centre) guidance effectively. Desirable Skills Security Architecture Expertise: Experience in designing and implementing security architectures is highly valued. Role: Up to 75,000 per annum 25 days holidays
Work closely with MOD stakeholders to understand requirements, translate them into architectural solutions, and ensure delivery aligns with their long term cloud roadmap. • Security & Compliance: Embed best practices—covering NCSC principles, government standards, and regulatory requirements—into all designs and transition plans. Required qualifications to be successful in this role • Cloud Expertise: Deep knowledge of private cloud platforms and public … Defence cloud delivery, with 3+ years as lead architect for legacy to cloud migrations. • Certifications: Cloud Architect Expert certification in at least one major platform. • Government Frameworks: Familiarity with NCSC Cloud Security Principles, Technology Code of Practice, G Cloud, Digital Service Standards, or similar. Why CGI? • Shape the UK’s Defence cloud transformation strategy • Work on high classification, mission critical
the platform. Embed security requirements and stage gates within the Programme Governance cycle. Lead security design consultations for existing and new systems to ensure alignment with industry standards and NCSC principles. Provide security guidance and approvals in Technical Working Groups and change forums. Act as Technical Security Lead for Product Team Security Guardians, driving continuous security improvement. Prioritise and direct … responses to Security Hub findings, vulnerabilities, and risks. Assess and monitor systems for compliance with ISO27001, BS10008, NCSC CAF, and other mandated frameworks. Identify and address security control weaknesses and risks, contributing to technical security innovation. Run forums to review technical security proposals with Product Teams. Attend Security Working Groups and Tenant Forums to provide and lead on ongoing technical … best practices. With a track record and proven skills in Amazon Web Services Public Cloud Platform. Experience implementing Secure by Design strategies in cloud environments. Familiarity with ISO27001, BS10008, NCSC CAF, and related security standards. Proven ability to lead security design reviews and provide technical security guidance. Excellent communication and stakeholder management skills. Desirable: Experience in government or policing environments.
Portsmouth, Hampshire, South East, United Kingdom Hybrid / WFH Options
Robert Half
security assurance frameworks. Experience engaging with customers during audits and RFP/RFI processes, showcasing security-driven solutions. Familiarity with regulatory frameworks such as NIST CSF, GDPR, and UK NCSC guidance. Experience liaising with external auditors and certification bodies. Skills: Exceptional documentation and evidence collection capabilities. Strong communication skills to articulate technical assurance challenges to leadership and customers. Analytical and … maintain certifications such as ISO/IEC 27001, SOC 2 Type II, Cyber Essentials Plus, and CREST accreditation. Manage sector-specific frameworks, like PCI DSS for payment card data and NCSC CIR/CHECK for secure operations. Proactively identify compliance gaps and ensure certifications are renewed on schedule. Assurance for SOC Operations: Embed certification requirements into SOC processes and everyday governance.
an understanding of Government Functional Standards e.g. GovS 007 Knowledge of security control (and maturity) frameworks e.g. NIST (e.g. CSMA, CSF), CIS, ISO 27000 series, CSA Cloud Controls Matrix, NCSC CAF, and an understanding of the types and functions of security controls Familiar with the functions of relevant authorities e.g. NCSC, NPSA Relevant IT degree or industry recognised certification Relevant
federation, and certificate management capabilities across highly assured platforms. You’ll take a leading role in shaping resilient architectures within secure, air-gapped environments, ensuring compliance with MOD and NCSC principles while delivering practical, scalable solutions to complex mission systems. Key Responsibilities: • Define and deliver enterprise-grade PKI and trust infrastructures covering Root/Issuing CAs, Registration Authorities, Validation Authorities … GCP) environments • Knowledge of certificate auto-enrolment, key management, and hardware security modules (HSMs) • Familiarity with relevant standards and policies such as X.509, RFC5280, TLS, FIPS 140-3, and NCSC or NIST identity guidance • Background delivering within high-assurance, disconnected, or restricted network environments This contract offers the chance to take technical ownership of critical design elements within a secure
authentication, federation, and certificate management capabilities across highly assured platforms. You'll take a leading role in shaping resilient architectures within secure, air-gapped environments, ensuring compliance with MOD and NCSC principles while delivering practical, scalable solutions to complex mission systems. Key Responsibilities: Define and deliver enterprise-grade PKI and trust infrastructures covering Root/Issuing CAs, Registration Authorities, Validation Authorities … GCP) environments Knowledge of certificate auto-enrolment, key management, and hardware security modules (HSMs) Familiarity with relevant standards and policies such as X.509, RFC5280, TLS, FIPS 140-3, and NCSC or NIST identity guidance Background delivering within high-assurance, disconnected, or restricted network environments This contract offers the chance to take technical ownership of critical design elements within a secure
swindon, wiltshire, south west england, united kingdom
Ncounter LTD
authentication, federation, and certificate management capabilities across highly assured platforms. You'll take a leading role in shaping resilient architectures within secure, air-gapped environments, ensuring compliance with MOD and NCSC principles while delivering practical, scalable solutions to complex mission systems. Key Responsibilities: Define and deliver enterprise-grade PKI and trust infrastructures covering Root/Issuing CAs, Registration Authorities, Validation Authorities … GCP) environments Knowledge of certificate auto-enrolment, key management, and hardware security modules (HSMs) Familiarity with relevant standards and policies such as X.509, RFC5280, TLS, FIPS 140-3, and NCSC or NIST identity guidance Background delivering within high-assurance, disconnected, or restricted network environments This contract offers the chance to take technical ownership of critical design elements within a secure
Portsmouth, Hampshire, England, United Kingdom Hybrid / WFH Options
Computappoint
governance, processes, and operational practices Ensure continuous monitoring, evidence collection, and audit readiness for internal and external assessments Monitor developments in global cybersecurity regulations and frameworks (NIST CSF, UK NCSC guidance, EU NIS2, GDPR) Oversee sector-specific assurance requirements, including PCI DSS and NCSC CIR/CHECK, where applicable Provide expert advice to leadership on regulatory changes impacting SOC assurance … Strong understanding of SOC operations and security assurance frameworks Experience in customer-facing assurance activities, including audits, RFIs, and RFPs In-depth knowledge of NIST CSF, GDPR, and UK NCSC guidance Experience liaising with external auditors, regulators, and certification bodies Strong ability to develop and maintain compliance documentation and audit evidence Proven organisational skills managing multiple certifications and assurance projects