Overview

The NCC is a not-for-profit organisation supporting manufacturing innovation across 16 sectors in the UK.

We’re looking for a Cyber Security Engineer to join our expanding IT department as a new member providing guidance and hands-on cyber security support. You’ll work within a small, skilled and friendly team to help protect NCC from cyber security threats.

Location and Package

Bristol based with hybrid working (3-4 days per week in office)

Salary: Competitive salaries plus 12.5% employer pension, private medical insurance and additional benefits package.

Government Security Clearance: to the nature of our business, all employment is subject to satisfactory references being obtained alongside a level of government security clearance.

Closing Date: 30 October – We reserve the right to withdraw adverts earlier if required.

Responsibilities

• Primarily work on IT projects & programmes across IT Defence Portfolio, providing consultative and hands-on design, implementation, and ongoing maintenance of security controls across hybrid and on-premises IT environments.
• Ensure infrastructure platforms and services are secure, resilient, and compliant with internal policies and relevant external regulations, with a focus on Microsoft technologies and integrated toolsets.
• Maintain and optimise operational security processes.
• Provide advice on implementing and managing physical, procedural and technical security for both physical and digital assets.
• Collate, define, and enforce secure configuration baselines and hardening standards aligned with security obligations and industry frameworks (e.g., CIS Benchmarks, Microsoft Security Baselines).
• Conduct threat modelling and risk assessments to identify vulnerabilities or compliance gaps.
• Maintain and manage Software Bills of Materials (SBOMs).
• Assist with integrating security monitoring, logging, and alerting capabilities.
• Create and review technical documentation, including security architecture designs, risk assessments, risk mitigation plans, and security operations procedures.
• Perform security validation, configuration assessments, and support UAT for security-related features.
• Collate and analyse information for threat intelligence from multiple sources.
• Design and execute complex vulnerability research activities.
• Provide guidance, support and mentoring to other IT Engineers as requested by the IT Leadership team or line manager.

What we’re looking for in your application

We welcome diverse applications and experience from different industries. Specific experience we will look for includes:

• Willingness and eligibility to undertake government security clearances.
• Experience as a senior or independent Cyber Security or IT Infrastructure Security specialist.
• Strong technical knowledge of Microsoft-based environments across on-prem and cloud.
• Understanding of network security principles, including firewalls, segmentation, and secure remote access.
• Knowledge of identity and access management (IAM), including MFA, RBAC, and conditional access policies.
• Familiarity with common regulatory and compliance frameworks (e.g., NIST, CIS Controls, ISO 27001, Cyber Essentials Plus).
• Experience aligning infrastructure builds with cyber security standards such as NCSC guidance, CIS benchmarks, or Microsoft Security Baselines.
• Experience implementing monitoring, logging, and alerting toolsets including SIEM and threat detection platforms.
• Understanding of data classification, encryption, and secure storage/access principles.
• Familiarity with endpoint protection platforms and vulnerability management tools.
• Experience securing hybrid identity solutions and federated authentication models.
• Understanding of security automation concepts, including SOAR, and ability to script or automate repetitive tasks.

What we offer in return

Flexible working patterns as standard, annual salary reviews, company paid private medical insurance, up to 12.5% employer pension contribution, great people, honorary staff status at the University of Bristol. We focus on wellbeing, EDI and learning and development to help you build your career in a thriving R&D facility.

Application notes

Unsure if you should apply? Reach out to the recruitment team, Jon Barratt, via LinkedIn.