At least ONE of the following certifications:
- Certified Information Security Systems Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
At least TWO of the following certifications:
- CompTIA Security+
- Certified Cloud Security Professional (CCSP)
- Systems Security Certified Practitioner (SSCP)
- GIAC Security Essentials Certification (GSEC)
- Certified in Risk and Information Systems Control (CRISC)
- ISO 27001 Lead Auditor
- ISO 27001 Lead Implementer
- Experience of NCSC’s Cyber Assurance Framework (CAF), NIST Cyber Security Framework (CSF), NIST SP 800-53, ISO 27001 and HMG regulations, or alternative IT in defence and security
- Knowledge of IT Security risk assessment processes and ability to identify a proportionate set of IT Security controls aligned with business objectives.
- Cross-security domain approaches and solutions
- Experience of operating in Critical National Infrastructure (CNI) and the requirements around cyber security and operational resilience
- Understanding of threats in a government, mission and critical national infrastructure environments.
- In-depth assessment of IT systems, cloud offerings (IaaS, PaaS and SaaS), services and IT Security controls to provide an independent view of their compliance and effectiveness with Security Policy, IT Security standards and external regulatory requirements.
- Assessing architectural designs to determine whether the relevant IT Security controls have been identified in line with business objectives and risk mitigation.
- Analysis, creation and compilation of relevant documentation determining the compliance level of systems and services, technical security controls with applicable certification, accreditation, and internal policy requirements
- Stakeholder engagement; promoting a mind-set of developing secure systems, transferring knowledge of security standards / processes and acting as a subject matter expert (SME)
We actively recruit citizens of all backgrounds, but the nature of our work in specific departments means that nationality, residency and security requirements can be more tightly defined than others. You will be asked about this throughout the recruitment process. To work at NPL, you will need to obtain BPSS security clearance.
Please note: Applications will be reviewed, and interviews conducted throughout the duration of this advert therefore we may at any time bring the closing date forward. We encourage all interested applicants to apply as soon as practical.