in Europe & UK • Managing sales, pre-sales and delivery team of consultants for all regional engagements • Manage Cyber Risk engagement on assessment and implementation of frameworks such as NIST 800-53 r5, NIST CSF 2.0, CIS, ISO 27K • Executing advisory & consulting engagements around regulatory risk & compliances such as DORA, NIS2, GDPR, SOX ITGC, PCI-DSS, HIPAA … organizations) • Should have proven capabilities of executing at least 3-4 advisory/consulting engagements • Excellent technical capabilities around information security, business continuity and technology risk assessments. ISO 27K, NIST, AI Governance, CIS etc. • Good compliance understanding of industry domains such as BFSI – (SOX, FFIEC, PCI-DSS, BASEL, MAS etc.), Healthcare & Life-sciences – (HIPAA, Hi-Trust, FDA CFR, GxP … Compliance), Telecom, Retail, Data Privacy (GDPR, CCPA), Energy & Utilities (NERC, FERC), Information Security (ISO 27000, NIST, CIS), TPRM • Business Resiliency & Cyber Recovery, ZTA • GRC Project & Program Management • Excellent written and verbal communication skills • Should be able to travel 70%-80% on short as well as long term engagements. PLATFORM/TOOL EXPERTISE Experience on the below mentioned tools …
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
State Street
technology and its cryptographic principles is a plus. Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with security frameworks such as NIST 800-57, ISO 27001 or PCI DSS. Are you the right candidate? Yes! We truly believe in the power that comes from the diverse backgrounds and experiences …
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
State Street
cryptographic security controls into software development and deployment processes. Support post-quantum cryptography (PQC) readiness by evaluating and preparing for emerging threats to encryption security. Ensure compliance with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN … storage practices. Experience working in financial institutions or other highly regulated industries. Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with NIST 800-57, PCI DSS, FIPS 140-2/3, ISO 27001, GDPR, FFIEC, and IoT security (NIST 800-183, ETSI EN …
Easter Howgate, Midlothian, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
accreditation and secure by design processes (ISN 2023/09), associated policies and practices across the lifecycle. Experience in the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Application of Defence standards including Defstan 05-138 & Defstan 05-139. Experience managing risks and services in accordance with customer, regulatory and …
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
hackajob
MOD accreditation and secure by design processes (ISN 2023/09), associated policies and practices across the lifecycle. Knowledge or application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Managing risks and services in accordance with customer, regulatory and legislative expectations. Experience outside of traditional enterprise IT scenarios extending to proprietary and …
to both technical and non-technical audiences. What would be great to have CISSP, CISM, 62443 cyber security certificates Cyber Assessment Framework, NIST CSF, NIST SP 800-82, IEC ISA 99/62443, CIS Controls Strong understanding of IT and OT security risks Knowledge of the threat landscape Experience in Business development and proposal …
North Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Net Talent
key to aligning local and global security standards. You'll also drive cyber awareness and training initiatives for commercial teams, support regulatory compliance (e.g., ISO 27001, NIST SP 800-53, GDPR), and handle incident response, triage, and escalations per internal policies. You'll contribute to investigations, the annual NIST CSF 2.0 maturity assessment, and … Required You're a proactive, analytical security professional with a strong technical background and excellent communication skills. You bring: Proven experience with ISO 27001, NIST CSF/SP 800-53, GDPR compliance, and risk management Strong technical expertise in implementing security controls aligned with ISMS Ability to create clear, audience-tailored documentation and reports Effective problem …
Easter Howgate, Midlothian, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
MOD accreditation and secure by design processes (ISN 2023/09), associated policies and practices across the lifecycle. Knowledge or application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Managing risks and services in accordance with customer, regulatory and legislative expectations. Experience outside of traditional enterprise IT scenarios extending to proprietary and …
Edinburgh, Scotland, United Kingdom Hybrid / WFH Options
Lloyds Banking Group
team to translate regulatory requirements (e.g. SOC2, ISO 27001, HIPAA, GDPR, PCI DSS) into technical controls in the cloud. Adherence and experience of compliance frameworks (e.g. CIS Benchmarks, NIST 800-53). Building or maintaining automated continuous compliance monitoring solutions (e.g. CSPM, CNAPP). Assessing cloud environments for drift and misconfiguration and remediation workflows implementation via …
security incident response and investigation Essential skills will include: Proven experience in implementing and managing security frameworks such as ISO 27001, NIST CSF/NIST SP 800-53, and GDPR Strong technical skills in designing, implementing, and maintaining security controls Excellent problem-solving skills with the ability to interpret complex security topics and translate …