Cybersecurity & Risk Engineer

Cybersecurity & Risk Engineer



(Contract – [Northwood, United Kingdom] – NATO Project)



We are seeking a Cybersecurity & Risk Engineer to support mission-critical NATO operations. This is a hands-on cybersecurity position that combines technical vulnerability analysis with security accreditation, compliance, and risk assessment for deployable communications and information systems (CIS).



What You’ll Do

Conduct vulnerability scanning using tools such as Tenable/Nessus, Qualys, or OpenVAS

Develop, maintain, and review Security Accreditation documentation in line with NIST RMF, DoD RMF, and ISO 27001

Perform and support Security Risk Assessments (SRA) across CIS assets

Coordinate and track remediation activities with technical teams

Ensure systems meet NATO operational and cybersecurity requirements

Deploy occasionally in support of NATO operations (fitness and readiness required) What We’re Looking For

Proven experience in cybersecurity vulnerability assessment and risk management

Strong knowledge of security frameworks (NIST RMF, ISO 27001, DoD RMF, ITIL)

Hands-on experience with vulnerability management tools

Certifications such as CISSP, CISM, CRISC, or CAP (required)

ITIL v4 Foundation or higher

Strong communication skills for working across multinational teams

Ability to travel and work in operational environments (including aboard NATO vessels) Why Join?

Work on a high-impact NATO programme at the forefront of international cybersecurity

Apply both your technical expertise and compliance knowledge in a challenging environment

Be part of a team ensuring that critical systems remain secure, accredited, and mission-ready Security Clearance required – candidates must be eligible to obtain NATO Secret (or equivalent)