1 to 25 of 207 NIST Jobs in England

vulnerability management or cloud-native security tools (e.g., Qualys, Wiz, Microsoft Defender for Cloud) Solid understanding of information assurance frameworks and compliance (ISO 27001, NIST, etc.) Knowledge of risk management principles, including assessment and mitigation Exceptional communication skills with the ability to translate complex topics into business-friendly language Customer ...

and a global delivery operations support model. • Demonstrable experience of building and running a technical assurance function. • Demonstrable knowledge of industry standards such as NIST and ISO27001. Knowledge of relevant regulations such as GDPR, NIS2, and EU AI. • Exceptional analytical and decision-making abilities during BAU and incidents. • Experience ...

proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF ...

level within complex organisations. Key Skills & Experience Proven experience developing and delivering cyber security strategies Strong understanding of security frameworks such as ISO 27001, NIST, Cyber Essentials Expertise in risk management, vulnerability assessment, and incident response Experience with enterprise security tools (e.g. SIEM, IDS, firewalls, encryption technologies) Knowledge of cloud ...

record operating as an Interim CISO/Head of InfoSec/Cyber Security Lead within global SaaS or technology environments Deep expertise across ISO27001, NIST, SOC 2 and PCI-DSS, with experience aligning and embedding controls across multi-region businesses Strong experience delivering and optimising ISMS/security governance frameworks ...

Lead experience MOD/GDS Secure by Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ...

Lead experience MOD/GDS Secure by Design Familiarity with: JSP440, JSP604/453, JSP490 Supplier Chain Assurance GDPR, PCI DSS, ICO ISO 27001, NIST CSF, CIS Controls v8 Skills in: Threat modelling (kill chain, attack trees, etc.) Cloud security (AWS, Azure), containerisation, firewalls Secure SDLC HLD/LLD review ...

strong professional development opportunities. Skills Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and ...

cloud infrastructure teams to implement IAM and AI security design patterns. Ensure AI security controls are appropriately implemented in our environment and align with NIST and CIS benchmarks. Validate effectiveness of implemented security controls through technical analysis. Perform residual IAM risk assessments and document acceptance/rejection rationale. Scope and ...

application and API design Logging, monitoring and SIEM Infrastructure, platform and endpoint security Experience working with security and compliance frameworks such as ISO27001, GDPR, NIST or CIS Excellent stakeholder engagement skills, able to communicate with both technical and non-technical audiences Pragmatic, risk-based approach with strong analytical skills Experience ...

technical knowledge with approximately 8+ years of experience within the industry. Working experience with common security/technology risk frameworks, for instance, ISO 27000, NIST, CIS Critical Security Controls, Cloud Controls Matrix, COBIT, and IIA GTAGs. Working experience with regulatory standards/requirements (US, UK) i.e., GDPR, BCBS 239, FFIEC ...

of Operating System security and system hardening concepts such as CIS Benchmarks. Experience in working with information security frameworks and regulatory requirements including ISO27001, NIST, PCI DSS, GDPR, Cyber Essentials. Experience of general IT Audit processes and conducting risk assessments. You will be a proactive self starter with strong communication ...

party security controls into vendor governance processes, working closely with Procurement, Legal, Technology, and Risk. Monitor compliance with industry frameworks such as CIS Controls, NIST, GDPR, and sector-specific guidance. Support contract reviews and provide expert input on security clauses, ensuring risk-based decisions are supported by strong security requirements. ...

party security controls into vendor governance processes, working closely with Procurement, Legal, Technology, and Risk. Monitor compliance with industry frameworks such as CIS Controls, NIST, GDPR, and sector-specific guidance. Support contract reviews and provide expert input on security clauses, ensuring risk-based decisions are supported by strong security requirements. ...

and the wider estate are sufficiently tested for signs of vulnerability. Governance, Risk & Compliance (GRC) Ensure audit readiness, control effectiveness (key SOX/ITGC, NIST/ISO mappings), and remediation governance; lead policy lifecycle and attestations. Oversee the enterprise risk process (RCSA, KRIs), executive reporting, and board risk briefings. Improve ...

firm and decisive when required Nice to have ISO27001 Lead Auditor or Implementer qualification Experience or familiarity with frameworks such as Cyber Essentials, NIST, NIS, CAF or SOC2 Wider knowledge of information security standards and best practice Security certifications such as CISSP, CISM or CISA Experience reviewing legal agreements relating ...

Microsoft Defender, M365 security tooling and firewalls Understanding of vulnerability management, incident response, endpoint protection and identity & access management Familiarity with frameworks such as NIST, ISO27001, OWASP, MITRE, CIS Benchmarks Experience operating within a regulated environment (Financial Services preferred) Ability to take ownership, work independently and make risk-based security ...

scoped, approved and tracked Maintaining security standards across Azure, M365, Active Directory, Dynamics, Power Apps and SQL environments Aligning security posture against ISO 27001, NIST, NCSC, CISA and Cyber Essentials+ frameworks Producing reports and dashboards to communicate security status to senior stakeholders Contributing to incident response and post incident configuration ...

assurance, finance industry, and information technology. Knowledge of vendor-agnostic cloud security concepts. Knowledge of information security and standards, including but not limited to NIST CSF 2.0. Possess a results-oriented, high-energy, self-motivated attitude and a strong commitment to customer service. Strong interpersonal, organizational, oral, and written communication ...

e.g. PowerShell, Python, KQL, Bicep) Strong networking and infrastructure security knowledge (protocols, firewalls, IDS/IPS, WAFs, hardening) Familiarity with incident response frameworks (e.g. NIST, SANS) Experience with cloud-native logging, monitoring, and detection tools Strong understanding of modern threat landscapes and frameworks (e.g. OWASP Top 10, MITRE ...

rules, analytics, baselines and security automation Run vulnerability scanning using tools like Tenable, Pentera, Varonis, Secure Score Support compliance work (ISO 27001, Cyber Essentials, NIST, SOC2) Contribute to threat hunting, threat intelligence application and proactive monitoring Support operational resilience: scenario testing, DR exercises, post-incident reviews Assist with security tooling ...

Information Security Manager), CISA (Certified Information Systems Auditor), CEH (Certified Ethical Hacker), or equivalent are highly desirable. In-depth knowledge of security frameworks (e.g., NIST, ISO 27001), network security protocols, firewalls, encryption, and intrusion detection systems (IDS). Strong understanding of threat landscape and risk management strategies. Proficiency in security ...

of risk for escalation and ensuring their posture remains within our risk appetite. Knowledge/Skills/Experience: Solid understanding of frameworks such as NIST, ISO27001, OWASP, CVSS. Formal security certifications desirable: CompTIA Security+, CISM/CISSP/CRISC beneficial. Working knowledge of regulatory requirements including DORA, CBEST, and ...

risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber ...

risk, cyber maturity, security architecture, cyber transformation and regulatory compliance for cyber. Experience of various recognised cyber security relevant standards and regulations, such as NIST CSF, CRI2.0, ISO27001, NCSC CAF, GDPR and NIS2. Experience working in a variety of environments or organisational contexts to develop cyber strategy and manage cyber ...