1 to 25 of 214 NIST Jobs in England

analysis tools. Familiarity with scripting languages (Python, Bash, PowerShell). Experience with cloud security monitoring (AWS, Azure, GCP). Knowledge of frameworks such as NIST and MITRE ATT&CK. Qualifications Bachelor’s degree in Cyber Security, IT, or related field. 3–5 years in SOC operations, incident response, or threat

SLOs) and key performance indicators (KPIs) for all security services. * Compliance, Governance & Risk Management: * Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. * Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. * Operationalize

SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Implement

security project delivery, PowerShell automation skills, and familiarity with IR frameworks. Consulting-style experience providing advisory support to IT/Digital teams. Knowledge of NIST, CIS, ISO, COBIT, OWASP, and willingness to work out of hours/travel when needed. Desirable: Experience in MxDR/SOC support, security technologies

information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security

information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security

CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic

CISM, CISA, or equivalent Higher education sector experience Multi-tenant SaaS architecture security experience DevSecOps and CI/CD security integration knowledge Security frameworks: NIST, CIS Controls, OWASP Multi-jurisdictional data protection knowledge Enterprise sales cycle support experience Key Attributes: Strategic thinker who can balance security with business needs Pragmatic

networking, Windows/Linux, and cybersecurity fundamentals Experience with SIEM (e.g., Sentinel, Splunk), EDR tools, and vulnerability platforms Understanding of security frameworks (ISO 27001, NIST, CIS) Working knowledge of Microsoft InTune Familiarity with GDPR and data protection requirements Desirable Certifications such as Security+, CEH, GIAC Experience with cloud security (Azure

networking, Windows/Linux, and cybersecurity fundamentals Experience with SIEM (e.g., Sentinel, Splunk), EDR tools, and vulnerability platforms Understanding of security frameworks (ISO 27001, NIST, CIS) Working knowledge of Microsoft InTune Familiarity with GDPR and data protection requirements Desirable Certifications such as Security+, CEH, GIAC Experience with cloud security (Azure

architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain attention to detail. Desirable: Professional certifications such as GSEC, CISSP

architecture. Practical experience managing cyber incidents and implementing secure configurations. Excellent analytical and problem-solving skills, with clear documentation and communication abilities. Familiarity with NIST, ISO 27001, and CIS Controls frameworks. Ability to work under pressure, prioritise effectively, and maintain attention to detail. Desirable: Professional certifications such as GSEC, CISSP

data protection. Establish metrics and reporting to demonstrate effectiveness, risk reduction, and compliance with regulatory requirements (e.g., National Institute of Standards Cyber Security Framework (NIST CSF), Digital Operations Resilience Act (DORA), New Tork State Department of Financial Services (NYDFS), Sarbanes-Oxyley (SOX), and the Financia Conduct Authority(FCA). Cyber

engagement What We're Looking For Senior leadership experience in cyber/security CISSP, CISM, CISA or equivalent Strong track record with ISO 27001, NIST, PCI DSS, Cyber Essentials Plus Hands-on background across Azure, AWS, hybrid infrastructure, and modern security tooling Strong communicator with excellent stakeholder influence What

threat intelligence platforms. * Expertise in metrics-driven monitoring: defining, tracking, and reporting MTTD, MTTR, false positive rates, and coverage completeness. * Familiarity with frameworks like NIST CSF, MITRE ATT&CK, and ISO 27001, with experience applying these to monitoring. * Experience in threat hunting, anomaly detection, and behavioral analytics. * Strong leadership skills

cloud infrastructure teams to implement IAM and AI security design patterns. Ensure AI security controls are appropriately implemented in our environment and align with NIST and CIS benchmarks. Validate effectiveness of implemented security controls through technical analysis. Perform residual IAM risk assessments and document acceptance/rejection rationale. Scope and

management (Qualys or similar platforms). Understanding of Email Security platforms (e.g., Darktrace) and Security Awareness & Training platforms. Knowledge of security frameworks (ISO 27001, NIST, GDPR, etc.). Familiarity with SIEM, security system administration, and incident response. Understanding of SOC operations and monitoring. No formal qualifications required, although a security

globally. Expertise in information security technologies: Firewalls, intrusion detection, assessment tools, encryption, certificate authority, etc. Knowledge in information security areas such as (ISO27001, PCI, NIST & GDPR), identity and access management, security policies, processes, and procedures Understanding of emerging security technologies and their impact on networks and systems. Experience of risk

point security tools and data loss prevention systems also highly advantageous Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. Knowledge of relevant regulatory requirements (e.g. GDPR/FCA/PRA) Experience in an Information Security role gained in a financial services

Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business

solutions and standards is highly advantageous Competence, knowledge and skills Competence Experience working within recognised Information Security frameworks and best practices such as ISO27001, NIST etc. 5 years experience in an Information Security role gained in a financial services or e-commerce environment is preferred Knowledge & Skills Significant experience

Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within

Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within

Citizen/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/

emerging tech. The following would also be of interest: Certifications in automation/cloud (Azure Solutions Architect, Terraform, GIAC), vulnerability management (Qualys, ISO 27001, NIST). Experience with SOAR, SIEM, XDR, and cloud-native security (especially Azure). Pre-sales or solution architecture exposure. What can we offer you? Through