Cybersecurity & Risk Engineer

Cybersecurity & Risk Engineer

(Contract - Northwood, United Kingdom - NATO Project)

We are seeking a Cybersecurity & Risk Engineerto support mission-critical NATO operations. This is a hands-on cybersecurity position that combines technical vulnerability analysis with security accreditation, compliance, and risk assessment for deployable communications and information systems (CIS).

What You'll Do

• Conduct vulnerability scanning using tools such as Tenable/Nessus, Qualys, or OpenVAS
• Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001
• Perform and support Security Risk Assessments (SRA) across CIS assets
• Coordinate and track remediation activities with technical teams
• Ensure systems meet NATO operational and cybersecurity requirements
• Deploy occasionally in support of NATO operations (fitness and readiness required)

What We're Looking For

• Proven experience in cybersecurity vulnerability assessment and risk management
• Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL)
• Hands-on experience with vulnerability management tools
• Certifications such as CISSP, CISM, CRISC, or CAP (required)
• ITIL v4 Foundation or higher
• Strong communication skills for working across multinational teams
• Ability to travel and work in operational environments (including aboard NATO vessels)

Why Join?

• Work on a high-impact NATO programme at the forefront of international cybersecurity
• Apply both your technical expertise and compliance knowledge in a challenging environment
• Be part of a team ensuring that critical systems remain secure, accredited, and mission-ready

Security Clearance required - candidates must be eligible to obtain NATO Secret (or equivalent).