1 to 25 of 167 NCSC Jobs in the UK excluding London

/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC scoping and remediation Threat modelling (Kill Chain More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). Threat Modelling - Kill Chain - Attack tree analysis. Working understanding More ❯

/CD) Familiarity with scripting languages like PowerShell, YAML, JSON Hands-on with application security tools and DevSecOps processes Understanding of frameworks and standards like OWASP, NIST SSDF, ISO27001, NCSC Experience with threat modelling, risk assessments, and secure design reviews Confident owning security strategy and tooling across complex product landscapes A strong communicator - able to engage with engineers and execs More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure solutions from the ground up. What You'll Do Lead or support the delivery of secure systems, cloud configurations, or network designs. Apply security frameworks (ISO27001, NIST CSF, NCSC CAF) in real-world projects. Conduct threat modelling and recommend proportionate controls. Translate technical risk into clear business language for stakeholders. Deliver high-quality outputs and support wider project teams. More ❯

secure architectures, incorporating identity, access management, encryption, and network security. Conduct cloud security assessments and gap analyses for UK-based organisations. Advise on compliance with UK regulations (e.g. GDPR, NCSC Cloud Security Principles, ISO 27001). Develop and enforce cloud security policies, procedures, and governance models. Lead threat modelling, risk assessments, and vulnerability management initiatives. Configure and manage security tools More ❯

security certification. Desirable • Full Membership of the Chartered Institute of Information Security (CIISec) — highly desirable. • Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. • NCSC Certified Cyber Professional (CCP) in Security Architecture. • IEng or CEng registered with a UK engineering body. • Chartership through BCS, The Chartered Institute for IT. • SABSA Chartered Security Architect. Why Join More ❯

security certification. Desirable • Full Membership of the Chartered Institute of Information Security (CIISec) — highly desirable. • Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. • NCSC Certified Cyber Professional (CCP) in Security Architecture. • IEng or CEng registered with a UK engineering body. • Chartership through BCS, The Chartered Institute for IT. • SABSA Chartered Security Architect. Why Join More ❯

security certification. Desirable • Full Membership of the Chartered Institute of Information Security (CIISec) — highly desirable. • Chartered or Principal status via the UK Cyber Security Council for Secure Systems Architecture. • NCSC Certified Cyber Professional (CCP) in Security Architecture. • IEng or CEng registered with a UK engineering body. • Chartership through BCS, The Chartered Institute for IT. • SABSA Chartered Security Architect. Why Join More ❯

environments Hands-on knowledge of cloud platforms , CI/CD pipelines , and scripting (PowerShell, YAML, JSON, etc.) Familiarity with frameworks and standards such as OWASP , NIST SSDF , ISO27001 , or NCSC Practical experience with threat modelling , security tooling , and risk assessments Excellent communication skills, able to influence and engage at all levels from developers to execs A collaborative, proactive approach to More ❯

security through design and delivery. Background in the defence, maritime, or critical national infrastructure environment. Skills & Qualifications: Degree (or equivalent experience) in a relevant STEM or Information Security discipline. NCSC CCP SIRA status (or ability to achieve). Membership of a relevant professional body. Strong stakeholder engagement, leadership, and mentoring capabilities. Why Join? This is an opportunity to play a More ❯

the training you will sit an industry wide qualification (such as CRT or CSTM) before commencing billable client facing work. After gaining CRT or CSTM, you will apply to NCSC for CHECK Team Member accreditation. Transition into client-facing delivery work with confidence and credibility Build a strong foundation in penetration testing and consultancy, ready to specialise or broaden into More ❯

the training you will sit an industry wide qualification (such as CRT or CSTM) before commencing billable client facing work. After gaining CRT or CSTM, you will apply to NCSC for CHECK Team Member accreditation. Transition into client-facing delivery work with confidence and credibility Build a strong foundation in penetration testing and consultancy, ready to specialise or broaden into More ❯

the training you will sit an industry wide qualification (such as CRT or CSTM) before commencing billable client facing work. After gaining CRT or CSTM, you will apply to NCSC for CHECK Team Member accreditation. Transition into client-facing delivery work with confidence and credibility Build a strong foundation in penetration testing and consultancy, ready to specialise or broaden into More ❯

the training you will sit an industry wide qualification (such as CRT or CSTM) before commencing billable client facing work. After gaining CRT or CSTM, you will apply to NCSC for CHECK Team Member accreditation. Transition into client-facing delivery work with confidence and credibility Build a strong foundation in penetration testing and consultancy, ready to specialise or broaden into More ❯

the training you will sit an industry wide qualification (such as CRT or CSTM) before commencing billable client facing work. After gaining CRT or CSTM, you will apply to NCSC for CHECK Team Member accreditation. Transition into client-facing delivery work with confidence and credibility Build a strong foundation in penetration testing and consultancy, ready to specialise or broaden into More ❯

of the UKs most sensitive programmes. What Youll Do Design & implement secure cloud architectures (IAM, encryption, VPC). Lead risk assessments, gap analyses & threat modelling. Advise on compliance (GDPR, NCSC Principles, ISO 27001). Configure cloud-native security tools & integrate with SIEM (Splunk, Chronicle). Embed security in CI/CD pipelines with DevOps teams. Support incident response & recovery for More ❯

regular testing of the Cyber Incident Response Plan. Championing cyber awareness through organisation-wide training, campaigns, and engagement. Building effective relationships with internal teams and external partners, including NHS, NCSC, and Counter Fraud Services. To be successful in this role, you will need: A Master's degree (or equivalent experience) in Cyber Security, IT, or a related field. Professional certifications More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯

s privileged security baseline. Be familiar designing and implementing closed loop credential management workflows. Stay ahead of the security curve and make best practice recommendations to senior management (NIST, NCSC etc.) Be able to work autonomously on complex projects, gathering key information and making appropriate recommendations. Design, implement, and manage the PAM system to ensure the confidentiality, integrity, and availability More ❯