1 to 25 of 29 NCSC Jobs in London

activities. Work with the Executive and project leadership to ensure security is represented in commercial proposals, assurance processes, and delivery planning. Maintain strong relationships with relevant external stakeholders (e.g. NCSC, NPSA), monitoring threat intelligence and security guidance. Operational Security & Risk Management Lead the design, implementation, and monitoring of controls across endpoint security, identity and access management, and cloud infrastructure (e.g. More ❯

advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience More ❯

and analytical solutions Working knowledge of cloud orchestration and containerisation technologies, such as Docker and Kubernetes Working knowledge of DevOps, CI/CD and Infrastructure-as-Code Understanding of NCSC Cloud Security Principles and its practical implementations Aker Systems Attributes At Aker we work as a team, we are collaborative, hardworking, open, and delivery obsessed. There is no blame culture More ❯

review and improvement of the NAO's Disaster Recovery plans. o Ensuring our technical policies stay relevant and fit for purpose, and maintaining them in line with ISO27001 requirements, NCSC best practise, and alignment with HMG standards. o Support in develop and implement a Product Assurance framework with the GRC team. Own the process to deliver meaningful assurance as we More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD) - Familiar with scripting languages like PowerShell, YAML, JSON - Expertise in application security tools and DevSecOps processes - Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) - Experience with threat modelling, risk assessments, and secure design reviews - Comfortable owning security strategy and tooling across complex, modern product landscapes - Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

/CD)- Familiar with scripting languages like PowerShell, YAML, JSON- Expertise in application security tools and DevSecOps processes- Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC)- Experience with threat modelling, risk assessments, and secure design reviews- Comfortable owning security strategy and tooling across complex, modern product landscapes- Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator. Able to engage confidently with both engineers More ❯

people who can make a real impact. Core technical skills include: Incident response and threat hunting Identity and access management Zero Trust architecture Familiarity with UK regulatory standards and NCSC guidance Certifications often requested: CISSP, CISM, CISA CompTIA Security+ ISO 27001 Cloud security credentials (e.g. AWS or Azure certification) Soft skills are playing a bigger role too: Strong communication, especially More ❯

and client environments What You'll Bring Strong experience in cyber strategy, risk management, governance, architecture, and regulatory compliance Familiarity with frameworks and standards such as NIST CSF, ISO27001, NCSC CAF, GDPR, and NIS2 Industry-recognised certifications (e.g. CISSP, CISM, CISA, M.Inst.ISP, or equivalent) Practical experience in GRC, threat and vulnerability management, or operational resilience Proven delivery across complex programmes More ❯

UK. NPPV3 Clearance is essential, and you must be based in the UK. Key Skills and Experience: Extensive experience applying standards such as ISO27001 , NIST , JSP440/JSP604 , and NCSC guidance Proven background in information risk management , governance , and security assurance Experience leading or contributing to risk assessments , audits , and security documentation Strong knowledge of technical and organisational controls , including More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

cyber risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber risk. Desire to work with large organisations trying to More ❯

with this award winning MSSP who deliver a wide range of Cyber security services to private and public sectors. A Crest accredited security business on multiple Crown Supplier + NCSC frameworks, they now require 2 additional BDM's to drive their security services growth. The Role? As a new Business Development Manager you will sell into new logo customers across More ❯

Smart energy and metering Oil and gas Water Civil Nuclear Transport (including aviation, rail, maritime, road and autonomous vehicles) Wider critical infrastructure Security standards relating to the sector, including: NCSC NIS Guidance and CAF ISO 27001 and ISO 27005 NERC CIP ISA-99/IEC 62443 NIST CSF. Additional information Please note that the interview stages may be subject to More ❯

utilities, or similar regulated sectors. Strong understanding of Operational Technology (OT) environments, with hands-on experience in securing and modernising legacy systems, including DCS, SCADA, and ICS, aligned to NCSC CAF, IEC 62443, and NIST 800-82. Direct experience supporting Ofgem regulatory reporting and compliance, including preparation of ISSA returns, evidence packs, and action tracking in line with NIS More ❯

Guidelines). Has a comprehensive understanding of what it takes to comply with cyber security industry standards and frameworks in practise (e.g. ISO 27001, NIST CSF, SP 800-53, NCSC CAF, Cyber Essentials). Has a thorough understanding of cyber security threat and risk with the ability to think like an attacker and design controls that make a real difference. More ❯

Open Source BPMN workflow engines (Camunda, Activiti or Flowable) Experience on a front-end javascript framework such as react, angular or vue.js RedHat OpenShift for container orchestration Knowledge of NCSC's 14 cloud security principles. SC Clearance: Zaizi works with UK Central Government departments on a range of projects. To be able to work on our customer projects, employees must More ❯

virtualization technologies like VMware, and software technologies such as Apache, Docker, Hadoop, MySQL, and network services (DHCP, DNS, LDAP) is essential. Experience working within governance frameworks like the National Cyber Security Centre guidance and the Government Digital Service Technology Code of Practice is desirable. You should have excellent analytical and problem-solving skills, a methodical approach, and strong decision-making More ❯

Brilliant organisational skills with forensic attention to detail Comfortable working cross-functionally with high-performing teams Proficient in Google Suite & MS Office Bonus Points: Prior experience working with MOD, NCSC, or NATO vetting systems Experience in multinational or public sector environments Familiarity with performance dashboards or security metrics More ❯

What you'll need: Proven experience working within Information Security. Strong understanding and working knowledge of industry best practices of frameworks and standards (e.g., ISO27000, ISF, NIST, CIS, National Cyber Security Centre, ISMS, PCI/DSS) or similar. Strong understanding of laws and regulations relating to the protection of information i.e., GDPR. Good understanding cloud architecture, security models, and best More ❯

patching, and application deployments. OpManager Manage Engine Password Manager Windows Server OSes Windows 10 & 11 Desktop MS 365 Apps The ideal candidate will possess a solid understanding of CIS & NCSC security best practices, along with expertise in Pen Testing and Vulnerability remediation. Requirements Strong technical skills in VMware, Veeam, HPE, SCCM, and more. Confidence in on-site client support in More ❯