Cybersecurity & Risk Engineer
(Contract – [Northwood, United Kingdom] – NATO Project)
We are seeking a
Cybersecurity & Risk Engineer to support mission-critical NATO operations. This is a hands-on cybersecurity position that combines technical vulnerability analysis with security accreditation, compliance, and risk assessment for deployable communications and information systems (CIS).
What You’ll Do - Conduct vulnerability scanning using tools such as Tenable/Nessus, Qualys, or OpenVAS
- Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001
- Perform and support Security Risk Assessments (SRA) across CIS assets
- Coordinate and track remediation activities with technical teams
- Ensure systems meet NATO operational and cybersecurity requirements
- Deploy occasionally in support of NATO operations (fitness and readiness required)
What We’re Looking For - Proven experience in cybersecurity vulnerability assessment and risk management
- Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL)
- Hands-on experience with vulnerability management tools
- Certifications such as CISSP, CISM, CRISC, or CAP (required)
- ITIL v4 Foundation or higher
- Strong communication skills for working across multinational teams
- Ability to travel and work in operational environments (including aboard NATO vessels)
Why Join? - Work on a high-impact NATO programme at the forefront of international cybersecurity
- Apply both your technical expertise and compliance knowledge in a challenging environment
- Be part of a team ensuring that critical systems remain secure, accredited, and mission-ready
Security Clearance required – candidates must be eligible to obtain NATO Secret (or equivalent).
