1 to 25 of 180 NCSC Jobs in the UK

of delivering security solutions for large-scale infrastructure, transformation or integration programmes Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) Experience with the design concepts associated with adoption of Cloud platforms (AWS and/or Microsoft Azure) An More ❯

involves ensuring compliance with security standards, managing incidents, and collaborating with internal and external stakeholders. Key Responsibilities : Lead and manage the Cyber Security Operations team. Ensure compliance with security standards (ISO27001, NCSC CAF). Manage security incidents and vulnerabilities. Collaborate with third-party suppliers and internal teams. Provide expert advice on security technologies and processes. Requirements : Proven team leadership experience.Strong … inquiries and establish the team as the primary resource for advice. Efficiently manage the workload of personnel, ensuring timely completion of tasks and continuous improvement. Ensure continued compliance with NCSC, DHSC Cyber Assessment Framework, and HM Government Cyber security strategy. Develop, maintain, and promote security procedures and standards in line with NHSBSA requirements. Implement, monitor, and report on agreed service … compliance with the National Cyber Security Centre (NCSC) an the Department of Health and Social Care (DHSC) Cyber Assessment Framework (CAF)and continued adherence to HM Government Cyber security strategy and NCSC standards and best practice. 7. Supports the strategic direction of the Cyber security operation function by the development, maintenance, promotion and stewardship of Security Procedures and Standards, in More ❯

technical stakeholders. Experience delivering assessments under the CHECK scheme (e.g., as a CHECK Team Member/Leader) - desirable Knowledge of UK public sector security and data protection standards (e.g., NCSC, Cyber Essentials Plus) - desirable Threat modelling and secure design practices - desirable Role/Responsibilities: Perform penetration testing and vulnerability assessments of web applications, APIs, and cloud infrastructure. Evaluate the automated … secure code practices. Provide expert input on cloud security (AWS, Azure, or GCP) and DevSecOps tooling. Assist in maintaining security assurance across the SDLC in line with company and NCSC guidelines. If you are interested in the above role, please click Apply Now and send a CV for quick review. As a member of the Disability Confident Scheme, Circle and More ❯

It would be nice if you had: Excellent understanding of the engineering lifecycle and key gate review activities. Knowledge of current Crypto technologies,Key ManagementSystems & practicalCOMSECimplementations and MOD/NCSC standards. Knowledge or experience of ARP4754A/ARP4761 and its interrelationship with security. Security Clearance You must be eligible for full security clearance. For more information and guidance please visit … including Defence, Telecommunications, Energy and Finance to help secure national infrastructure and commerce in the UK and beyond. Our Practice is certified by the UK National Cyber Security Centre (NCSC) in the provision of advice and guidance to our customers. At Leonardo UK, we believe that a diverse and inclusive work environment unlocks our people's full potential and drives More ❯

portfolio worth hundreds of millions of pounds. Working with product owners, delivery managers and enterprise architects, you will ensure every new or changed service conforms to Home Office and NCSC standards while enabling rapid, user centred delivery. You will analyse emerging threats, advise on proportional mitigations, and produce or tailor reference patterns covering identity, network segmentation, container security, data protection More ❯

advise where necessary Experience in software security design review Strong knowledge of Agile, DevSecOps, System Engineer and or equivalent Knowledge of security standards and secure development principles such as NCSC Secure Development & Deployment Guidance, OWASP, NIST Secure Software Development Framework (SSDF - 800-218), Microsoft Azure Secure Development best practices, ISO27001 Experience with Azure cloud infrastructure, particularly Azure PaaS service Experience More ❯

and analyse the security logs and alerts generated by these technologies and take appropriate actions. Cyber Security Frameworks : Working knowledge of Cyber Essentials, ISO27001:2022, CSA Cloud Controls Matrix, NCSC CAF and GDPR, is important to ensure that data is being managed. Programming and scripting: Proficient programming and scripting skills to automate security tasks, develop custom security scripts and tools More ❯

secure code practices. Provide expert input on cloud security (AWS, Azure, or GCP) and DevSecOps tooling. Assist in maintaining security assurance across the SDLC in line with MoJ and NCSC guidelines. Essential Criteria Penetration testing, ethical hacking, or vulnerability assessments. Security testing tools (e.g., Burp Suite, OWASP ZAP, Nikto, Nmap, Metasploit, etc.). DevSecOps principles and tools (e.g., Veracode, SonarQube … stakeholders. Desirable Experience delivering assessments under the CHECK scheme (e.g., as a CHECK Team Member/Leader). Knowledge of UK public sector security and data protection standards (e.g., NCSC, Cyber Essentials Plus). Threat modelling and secure design practices. Cyber Security Engineer - London (Hybrid) - 700 per day inside IR35 - 4 months+ Damia Group Limited acts as an employment agency More ❯

Digital, Data and Technology (DDaT) function, working as part of the enterprise architecture team. You’ll be responsible for embedding Secure by Design principles, shaping architecture in line with NCSC best practice , and supporting delivery teams with proportionate, risk-based controls. Key Responsibilities: Lead the end-to-end design of secure systems and services across cloud and hybrid environments Review … and assure architectures against NCSC guidance, ISO 27001, and internal security frameworks Work closely with project, architecture, SecOps and assurance teams to embed secure-by-design principles Conduct threat modelling, risk assessments, and architectural reviews across platforms and programmes Translate complex security risks into clear, actionable strategies for technical and non-technical stakeholders Contribute to the development of reusable security … artefacts – including patterns, reference architectures, and risk traceability tools Support stakeholder engagement across internal departments, delivery partners, and external agencies (e.g. GDS, NCSC) Required Skills & Experience: Proven experience in a senior security architecture role, ideally within public sector or regulated environments Strong understanding of cloud and enterprise security across Azure, AWS, or GCP Deep knowledge of Secure by Design, Zero More ❯

involves ensuring compliance with security standards, managing incidents, and collaborating with internal and external stakeholders. Key Responsibilities: Lead and manage the Cyber Security Operations team. Ensure compliance with security standards (ISO27001, NCSC CAF). Manage security incidents and vulnerabilities. Collaborate with third-party suppliers and internal teams. Provide expert advice on security technologies and processes. Requirements: Proven team leadership experience.Strong … inquiries and establish the team as the primary resource for advice. Efficiently manage the workload of personnel, ensuring timely completion of tasks and continuous improvement. Ensure continued compliance with NCSC, DHSC Cyber Assessment Framework, and HM Government Cyber security strategy. Develop, maintain, and promote security procedures and standards in line with NHSBSA requirements. Implement, monitor, and report on agreed service … compliance with the National Cyber Security Centre (NCSC) an the Department of Health and Social Care (DHSC) Cyber Assessment Framework (CAF)and continued adherence to HM Government Cyber security strategy and NCSC standards and best practice. 7. Supports the strategic direction of the Cyber security operation function by the development, maintenance, promotion and stewardship of Security Procedures and Standards, in More ❯

be nice if you had: Excellent understanding of the engineering lifecycle and key gate review activities. Knowledge of current Cryptographic technologies,Key ManagementSystems & practicalCOMSECimplementations in line with MOD/NCSC standards. Knowledge or experience of Cyber Security & Airworthiness (RCTA-DO-326A/B, 355A & 356A). Security Clearance You must be eligible for full security clearance. For more information and … including Defence, Telecommunications, Energy and Finance to help secure national infrastructure and commerce in the UK and beyond. Our Practice is certified by the UK National Cyber Security Centre (NCSC) in the provision of advice and guidance to our customers. At Leonardo UK, we believe that a diverse and inclusive work environment unlocks our people's full potential and drives More ❯

be nice if you had: Excellent understanding of the engineering lifecycle and key gate review activities. Knowledge of current Cryptographic technologies,Key ManagementSystems & practicalCOMSECimplementations in line with MOD/NCSC standards. Knowledge or experience of Cyber Security & Airworthiness (RCTA-DO-326A/B, 355A & 356A). Security Clearance You must be eligible for full security clearance. For more information and … including Defence, Telecommunications, Energy and Finance to help secure national infrastructure and commerce in the UK and beyond. Our Practice is certified by the UK National Cyber Security Centre (NCSC) in the provision of advice and guidance to our customers. At Leonardo UK, we believe that a diverse and inclusive work environment unlocks our people's full potential and drives More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers More ❯

/CD) Familiar with scripting languages like PowerShell, YAML, JSON Expertise in application security tools and DevSecOps processes Understanding of key frameworks and standards (e.g. OWASP, NIST SSDF, ISO27001, NCSC) Experience with threat modelling, risk assessments, and secure design reviews Comfortable owning security strategy and tooling across complex, modern product landscapes Strong communicator - able to engage confidently with both engineers More ❯

which are critical to UK defence and national security. To deliver this outcome, you must be passionate about cyber security and apply your deep understanding and experience of HMG, NCSC, and international cyber standards. The role will require excellent stakeholder management and communication skills to build the trust and support necessary for successful outcomes. You will be supported by team More ❯

performance appropriately by providing constructive feedback and take action where performance falls below the expected standard. Participate/work with external groups and stakeholders for the organisation such as NCSC, EMGWARP, auditors and accreditors as required. Person Specification Technical knowledge and experience Expert knowledge and understanding of security and system architectures; the relevant technologies, tools and platforms, best modern practice More ❯

Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure Security Engineer Associate or AWS equivalent Cyber Essentials/NCSC certification (or similar) Why Join? Be part of a high-profile modernisation programme at a critical juncture Join a newly formed Cloud Centre of Excellence and shape its future Enjoy More ❯

Excellent communicator with the ability to influence at all levels Passionate about cloud innovation and continuous security improvement Microsoft Azure Security Engineer Associate or AWS equivalent Cyber Essentials/NCSC certification (or similar) Why Join? Be part of a high-profile modernisation programme at a critical juncture Join a newly formed Cloud Centre of Excellence and shape its future Enjoy More ❯

System Hardening, Cryptographic Controls (PKI, Data at Rest/In Transit), Protective Monitoring, and Security Auditing. Strong understanding of the ISO 27000 series, NIST Cyber Security & Risk Management Frameworks, NCSC CAF, and other industry standards. Familiarity with NCSC guidance and legacy Information Assurance (IA) standards. Experience with MOD security frameworks including JSP 604, JSP 440, JSP 902, and DEFCON 659A. More ❯

such as Prometheus, Grafana, ELK, or Splunk Scripting knowledge (Python, Bash, or PowerShell) Desirable: Experience working within government or defence sectors Knowledge of compliance frameworks such as ISO 27001, NCSC guidelines or Cyber Essentials Plus Certifications such as AWS Certified DevOps Engineer, CKA, CISSP, or similar Familiarity with Zero Trust architectures and secure supply chain practices More ❯

security requirements into secure, compliant, and cost-effective Azure solutions. Collaborate with cybersecurity teams to ensure solutions meet UK government security classifications, accreditation processes, and relevant compliance frameworks (eg NCSC, MOD JSP, ISO 27001). Support deployment automation and Infrastructure-as-Code (IaC) approaches leveraging Azure Resource Manager (ARM), Bicep, or Terraform. Conduct Azure cost optimisation, performance tuning, and cloud More ❯

by attainment of appropriate qualifications e.g. CISSP, ISO27001 Lead Implementor or relevant SANS GIAC or equivalent Knowledge of the NIST framework, PCI DSS, GDPR and NIS as well as NCSC cyber guidance. Experience working in an agile delivery environment would be highly advantageous. Specific cyber knowledge and demonstrable experience in at least one of the following areas: Cloud security, network More ❯

by attainment of appropriate qualifications e.g. CISSP, ISO27001 Lead Implementor or relevant SANS GIAC or equivalent Knowledge of the NIST framework, PCI DSS, GDPR and NIS as well as NCSC cyber guidance. Experience working in an agile delivery environment would be highly advantageous. Specific cyber knowledge and demonstrable experience in at least one of the following areas: Cloud security, network More ❯

platform lockdown and configurations. It would be nice if you had: Understanding of the engineering lifecycle. Knowledge of current Cryptographic technologies,Key ManagementSystems & practicalCOMSECimplementations in line with MOD/NCSC standards. Knowledge of Cyber Security & Airworthiness (RCTA-DO-326A/B, 355A & 356A). Security Clearance You must be eligible for full security clearance. For more information and guidance please … including Defence, Telecommunications, Energy and Finance to help secure national infrastructure and commerce in the UK and beyond. Our Practice is certified by the UK National Cyber Security Centre (NCSC) in the provision of advice and guidance to our customers. At Leonardo UK, we believe that a diverse and inclusive work environment unlocks our people's full potential and drives More ❯

to undergo DBS and Counter Terrorist Check. It would be great if you had: Certifications such as CISSP, or other relevant qualifications. Experience with additional frameworks (e.g., SOC2, NIST, NCSC CAF). More than 2 years’ experience delivering IT or cybersecurity solutions. Benefits: 30 days annual leave + 8 bank holidays Additional day off for your birthday 3% employer pension More ❯