14 of 14 NIST 800 Jobs in the South West

role A track record of delivering security solutions for large-scale infrastructure, transformation or integration programmes Practical knowledge and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines Good knowledge of networking (switching, routing, firewalls) Experience with the design concepts associated with adoption More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). More ❯

position is critical to ensuring our products meet the highest standards of security by design. The successful candidate will be expected to bring deep, hands-on experience with NIST cybersecurity standards - this is essential -as well as a strong working knowledge of Defence Standards DefStan 05-138 Issue 3 and DefStan 05-139 Issue 1 . If you … controls throughout the product development lifecycle Conduct detailed threat modelling and risk assessments using recognised tools Lead the implementation of risk management strategies based on industry best practices (NIST, ISO) Work closely with development teams to ensure secure-by-design principles are followed Identify and propose mitigations for security vulnerabilities in solution architectures Maintain and evolve internal security … incident response efforts and coordinate remediation actions where needed Serve as a subject matter expert on product and application security to internal stakeholders Key Requirements: Extensive experience applying NIST frameworks (including NIST 800-30, NIST 800-53) - non-negotiable Working knowledge of DefStan 05-138 (Issue 3) and DefStan More ❯

accreditation and secure by design processes (ISN2023/09), and associated policies and practices across the lifecycle. In the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53), and/or RTCA-DO-326A/B, 355A & 356A. In the application of Defence security standards, such as Defstan 05-138 & Defstan More ❯

and contribute to security awareness across teams. Clearly communicate risks to technical and non-technical stakeholders. What We're Looking For Essential Experience: Deep understanding of security frameworks: NIST (especially 800-30, 800-53) , ISO27001/2, ISO27005, and OWASP. Experience with Secure by Design principles and MOD-specific guidelines (e.g. JSP, Def Stan More ❯

the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM) or equivalent. Associate/… Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of ‘Secure by Design’ methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding role More ❯

the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM) or equivalent. Associate/… Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding role More ❯

the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM) or equivalent. Associate/… Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding role More ❯

the Security Policy Framework, the CESG IA Portfolio and MoD JSPs such as JSP440, JSP604/JSP453 (plus other standard MoD IA methods). Certifications such as ISO27000, NIST Cyber Security Professional, CISMP etc. Flexibility over UK, and potentially overseas travel. Desirable- Certified Information Systems Security Professional (CISSP)/Certified Information Security Manager (CISM) or equivalent. Associate/… Professionals (IISP), IS2, BCS, CIISEC. NCSC Certified Cyber Professional/CESG CCP (Security and Information Risk Advisor or Security Architect). Understanding of 'Secure by Design' methodology and NIST 800-37 Risk Management Framework. A keen interest in the latest technology with a focus on security technologies. Ambition to work in a challenging and rewarding role More ❯

in your day-to-day. What you'll be doing Designing robust, secure-by-design architectures aligned to MOD and wider government standards Managing risk using frameworks like NIST 800-53 and producing key security artefacts (RMAs, Security Aspects, Test Plans, etc.) Working with cross-functional teams including DevSecOps, Software, Infrastructure and Agile delivery Providing strategic More ❯

Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa 80,000 Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource More ❯

Stan 05-138, Def Stan 05-139) An understanding of MOD ISN 23/09 Secure by Design Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53) If this all sounds like something you will be interested in then simply apply and we can discuss the opportunity further! Product Security Architect Permanent role Based in Bristol Offering circa £80,000 Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource More ❯

secure-by-design). Perform security code reviews, provide guidance on secure libraries and frameworks. Standards & Compliance Ensure products meet regulatory and defence standards (ISO 27001/27005, NIST 800-30/53, JSP 440/604, Def Stan 05-series). Lead the creation and maintenance of security documentation (RMADS, Security Assurance Documents, Security Management … 5+ years) in product or application security within defence, government, or security-cleared environments. Deep knowledge of risk management frameworks (ISO 27001/2/5/31000, NIST 800-series) and Defence Standards (JSPs, Def Stan 05-138/139). Hands-on experience with security testing tools and techniques (SAST, DAST, penetration testing). More ❯