Secure by Design DefStan 05-139 Knowledge and application of non-UK Information Assurance Standards NIST SP800 (in particular NISTSP800-53, NISTSP800-37, NISTSP) NIST Guidance Material Knowledge of encryption standards more »
laws, regulations, and industry guidelines. comprehensive security assessments, including health checks and gap analysis against standards like the Cyber Assessment Framework (CAF) and NIST CSF 2.0, to gauge and enhance clients' security posture. and implement OT Security Policies, Procedures, Guidelines, and Work Instructions as part of a CSMS … and the NIST Cybersecurity Framework (CSF) 2.0, ensuring governance practices are in place and standards like NISTSP800-82 are met. complex security challenges within Industrial Control Systems (ICS) and critical national infrastructure, providing bespoke solutions to mitigate risks. and evaluate operational technology … Experience: Experience in conducting detailed security assessments, audits, and gap analyses against standards, frameworks and guidance such as HSE OG-86, NISTSP800-82, CAF, and/or NIST CSF 2.0, to evaluate and enhance clients' security posture. Development Skill: Ability in crafting more »
a regular cadence for OT Cyber risk capture, appraisal, and assessment for NIS critical systems. Ensure there is consistent document and justification of NIST CSF controls process maturity and coverage of these systems. Ensure Improvement plans are underpinned by comprehensive risk registers that quantify gaps in our controls … Work closely with leadership to report on risk posture, metrics, mitigation strategies and investment priorities. Experience Demonstrable experience utilising risk assessment methodologies (e.g., NIST800-30, ISO27005, IEC 62443, FAIR). Demonstrable experience working with industry best practices and security control frameworks (e.g., NIST800 53, ISO 27001, IEC 62443, NIST CSF, NCSC CAF). Demonstrable experience implementing security risk management frameworks (e.g., NIST800-39, 800-37) Ability to communicate complex messages both orally & in writing using quantitative & qualitative measures to more »
and Cyber Kill Chain frameworks. Proficiency in maintaining Microsoft directory services. Familiarity with virtualization software. Knowledge of key security frameworks such as ISO, NIST800-53, 800-171, 800-172, C2M2. Excellent communication skills. Experience in writing Defence/Government documentation. Desirable more »
Experience: Experience in conducting detailed security assessments, audits, and gap analyses against standards, frameworks and guidance such as HSE OG-86, NISTSP800-82, CAF, and/or NIST CSF 2.0, to evaluate and enhance clients' security posture. Policy Development Skill: Ability in more »
frictionless user experience. Knowledgeable of Information Security best practices and regulatory and compliance requirements that impact security for the enterprise: HIPAA, HITECH, PCI, NIST Cybersecurity Framework, NIST800-53, ISO 27001, HITRUST, and other relevant privacy and security frameworks. Drive a unified IAM approach … Experience with global security and privacy standards and regulations such as GDPR and CCPA is a plus. Experience with ISO/IEC 27001, NIST CSF standards. Global company experience. Experience Progressive leadership roles and relevant experience as a team lead in various Information and Cyber security disciplines supporting more »
Cybersecurity experience with an interest to learn Industry 4.0, OT & IoT Security adaptive security approaches. Must have experience in working with framework like NIST CSF, IEC 62443, NIST800-82 etc. or at least good understanding about these frameworks. Should have a strong understanding … architecture competency. Ability to understand market and forecast demands to prepare team and improve delivery capabilities. Knowledge of security industry regulations and standards NIST, EU NIS Directive, IEC 62443. Ability to work with stakeholders ranging from C-level executives to business and technical teams . Excellent communication, presentation more »
but not limited to: Security governance and risk management approaches, tools, and techniques. Threat modelling (e.g. STRIDE) and socio-technical risk assessment (e.g. NIST800-30) methodologies. Attack classification and characterisation frameworks (e.g. MITRE ATT&CK) Computer, Network and Cloud Security architectures and controls, System Hardening … Transit, Public Key Infrastructure (PKI)), Security Monitoring and System Security Audit. National and international security standards including the International Standards Organisation (ISO) 27000 series, NIST Cyber Security Framework, Risk Management Framework, and SpecialPublication800Series, NCSC Cyber Assessment Framework, and other industry frameworks. Familiarity with more »
Stafford, Staffordshire, West Midlands, United Kingdom Hybrid / WFH Options
Viqu Limited
s and PLC's. Experience designing and configuring secure networks. Experience completing system assessments and security audits based on security frameworks such as NIST800-53/800-82, ISO 27001 and IEC 62433. Building strong relationships with internal and external stakeholders. Must be more »
Performs or coordinates internal security assessments, penetration tests, vulnerability scans, and assess organization cybersecurity maturity Complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standards and regulations. Provides internal customer support … Provides a documented work history that includes a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network … upon vulnerability management program. Ability to propose solutions for closing identified vulnerabilities in the infrastructure. Desired Qualifications: Certified Information System Security Professional (CISSP), NIST Cybersecurity Framework (NCSF), Certified Cloud Security Professional (CCSP) andor Certified Ethical Hacker (CEH) Knowledge and experience with Microsoft Office and Visio. Knowledge of WAN more »
Dunbar, East Lothian, Scotland, United Kingdom Hybrid / WFH Options
Risktec Solutions Ltd
the following knowledge and expertise such as: An understanding of relevant industry security standards and frameworks such as IEC 62443, ISO 27001 or NIST 800. Working knowledge of typical OT plant computing such as ICS, SCADA, DCS, PLC, HMI and smart instruments. Experience of both modern and legacy more »
Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. Practical experience of producing Security Accreditation documentation Practical experience of NCSC more »
Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST. * Practical experience of producing Security Accreditation documentation * Practical experience of NCSC more »
City Of London, England, United Kingdom Hybrid / WFH Options
Mimecast
Environmental Management Systems compliant with ISO14001:2015 Experience with the examination or implementation of technical controls, such as SOC 2, ISO, TISAX or NIST800-53 Excellent verbal and written communication skills Has demonstrable skill working with internal and external stakeholders Experience engaging with external auditing more »
Experience performing information systems audit or information security reviews Experience performing security audits against published standards Experience in leading a team ISO 27001, NIST800-53 experience to help in third party security risk assessment efforts Experience/Knowledge of working on GRC tool’s Strong more »
experience with, the following security documentation and procedural requirements would be preferred; DPA/IS Pts 1/2, JSP 440, JSP 604, NIST800series and JSP 440 - The Defence Manual of Security Strong analytical and problem-solving skills. Good communication and stakeholder management abilities more »
Luton, England, United Kingdom Hybrid / WFH Options
Addition+
Engineering, Infrastructure or IAM. Proven experience of authoring technical security standards and patterns. Familiar with security best practices (including ISO27001 and/or NIST800-53) and relevant security legislation. Have achieved security certification(s) such as CISSP/CISM/CeH or equivalent. Hold relevant more »
Stone, Staffordshire, West Midlands, United Kingdom Hybrid / WFH Options
Russell Taylor Group Ltd
What will you need? Experience working in OT, Understanding of cyber security, Experience configuring & deploying hardware and software solutions, Experience on technical frameworks: NIST800, IEC 62433 and NIS-D, To be a self-starter, A dynamic person, Build and maintain strong relationships with internal and more »
and measure detection rules Competency and understanding in CI/CD pipeline Familiar with Detection-as-code Understanding of security frameworks such as NIST, ISO 27001, and PCI DSS Familiarity with scripting languages such as Python or PowerShell Analytical and problem-solving skills Excellent written and verbal communication … operating in at least one public cloud platform (AWS, GCP, Azure) and other cloud native technologies (Kubernetes, Docker, Terraform) Familiarity with security standards NIST Cyber Security Framework, NIST SP800-61 R2 and ISO/IEC 27035 Relevant certifications such as Security+, Server+, Linux+ GSEC, GIAC, GCIH more »
Luton, England, United Kingdom Hybrid / WFH Options
Hays
and external customers (e.g., Programme Management, Customers, and Suppliers). Strong understanding of security compliance & detailed knowledge of a control framework such as NIST SP800-53 and ISO270002, IEC62443. Expert understanding of security maturity & detailed knowledge of a security maturity frameworks such as NIST CSF and more »
all levels. '€¢Strong written and oral communication skills '€¢Active SC Clearance, or ability to obtain SC clearance Experience of following Cyber Security Frameworks: '€¢ NIST Cybersecurity Framework (CSF): Understand the five core functions of Identify, Protect, Detect, Respond, and Recover. Familiar with the framework's guidelines for managing and … reducing cyber risks, in particular NIST 800.53. '€¢ ISO/IEC 27001: Comprehend the international standard for information security management systems (ISMS). Knowledge about risk assessment, controls, and continuous improvement. '€¢ CIS Controls: Be aware of the Centre for Internet Security's critical security controls. These provide a prioritized more »
Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on … and best practices for delivering security across IaaS, PaaS, SaaS and Serverless architectures Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27k, NIST800-53, CIS, GDPR) Leading security working groups and external security testing (ITHC, Penetration Testing, etc) of cloud solutions at high HMG classification levels (OFFICIAL required more »