126 to 150 of 218 NIST Jobs in England

clearly with both technical and non-technical audiences. Strong knowledge of security architecture principles and frameworks, including SABSA and guidance from organisations such as NIST and NCSC. Experience designing and documenting effective security controls aligned to business objectives using a risk-based approach. Strong leadership, influencing, and stakeholder management skills. … such as CISSP, CCSK, CCSP, TOGAF, or SABSA. It would be great if you had: Cloud security reference architectures, such as AWS and Azure. NIST Cybersecurity Framework and SP 800-53 controls. NCSC guidance and standards. Secure-by-Design methodologies. Specialist security domains such as Identity and Access Management, Infrastructure ...

Understand system interdependencies and behaviour during recovery scenarios. Strong analytical and problem-solving abilities. Familiarity with industry standards and frameworks e.g. ISO 22301, ITIL, NIST etc. Excellent verbal and written communication skills. Ability to build strong professional relationships at all levels of the organisation What we offer Enjoy a benefits ...

Candidate Profile * Minimum 6 years’ experience within data management, data governance, or data security, ideally within financial services * Strong knowledge of frameworks such as NIST 800, ISO 27001, and UK regulatory expectations (PRA, FCA, ICO, GDPR) * Proven experience across data governance, data quality, metadata, and data security * Good understanding of ...

eg. endpoint, network, cryptography and IAM. The nice to haves: Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP. Certifications in security management eg. CISSP/CISM/CCSP or equivalent. Certifications in technical security domains eg. CEH/OSCP or equivalent. Experience ...

lifecycle Key skills & experience required for the role of Product Security Engineer based in Surrey Experience in project security planning and implementation (e.G. NIST 800 series). Strong background in Secure by Design principles and security-focused documentation. Experience in Information Assurance frameworks (e.G. CESG Good Practice Guides). Proven ...

primary point of contact for clients during onsite assessments and GRC implementations. Key Responsibilities Project Delivery: Lead the fieldwork for Cyber Maturity assessments (NIST, ISO 27001, Cyber Essentials Plus) and Third-Party Risk Management (TPRM) reviews Client Engagement: Manage day-to-day client relationships, ensuring data collection and stakeholder interviews ...

someone who takes ownership, thinks critically, and thrives in a collaborative environment tackling complex challenges. Experience conducting risk assessments using methodologies such as NIST or ISO 27005 Ability to define and implement risk mitigation strategies (technical, physical, procedural) Experience producing security documentation (e.g. risk assessments, security design, policies, test plans ...

resilience • Exposure to Microsoft Defender suite and security tooling • Experience running incident simulations or resilience testing exercises • Knowledge of frameworks such as ISO 22301, NIST, or ISO 27001 TO BE CONSIDERED: Please either apply through this advert or email me directly via dave.henderson@searchability.com. For further information please call ...

business systems. Strong understanding of hybrid/cloud convergence and securing legacy or brownfield enterprise landscapes. Knowledge of recognised enterprise security standards such as NIST CSF, ISO 27001, and zero-trust principles. Experience designing secure segmentation models (zero-trust, micro-segmentation), next-gen firewalls, and secure remote access solutions. Familiarity ...

Microsoft-centric environments. * Strong understanding of hybrid cloud infrastructure, Azure services, and modern workplace technologies. * Familiarity with security, resilience, and operational frameworks (e.g. ISO27001, NIST, ITIL). * Experience in agile and traditional delivery models, with the ability to work across project and BAU contexts. * Demonstrable experience delivering infrastructure change ...

consultancy position. You’ll lead client engagements across UK NCSC Cyber Assessment Framework (CAF), ISO 27001 (including full end-to-end implementation), ISO 42001, NIST Cyber Security Framework v2.0 and Cyber Incident Exercising, advising on governance, risk and assurance challenges. You’ll take ownership of delivery from scoping through ...

consultancy position. You’ll lead client engagements across UK NCSC Cyber Assessment Framework (CAF), ISO 27001 (including full end-to-end implementation), ISO 42001, NIST Cyber Security Framework v2.0 and Cyber Incident Exercising, advising on governance, risk and assurance challenges. You’ll take ownership of delivery from scoping through ...

consultancy position. You’ll lead client engagements across UK NCSC Cyber Assessment Framework (CAF), ISO 27001 (including full end-to-end implementation), ISO 42001, NIST Cyber Security Framework v2.0 and Cyber Incident Exercising, advising on governance, risk and assurance challenges. You’ll take ownership of delivery from scoping through ...

consultancy position. You’ll lead client engagements across UK NCSC Cyber Assessment Framework (CAF), ISO 27001 (including full end-to-end implementation), ISO 42001, NIST Cyber Security Framework v2.0 and Cyber Incident Exercising, advising on governance, risk and assurance challenges. You’ll take ownership of delivery from scoping through ...

Windows Server and Linux/Unix environments Network device onboarding into PAM Credential vaulting and session management Understanding of ISO 27001 and/or NIST CSF Strong troubleshooting and problem-solving skills Ability to obtain SC clearance Desirable Experience with leading PAM platforms (e.g. BeyondTrust, CyberArk, Delinea) Scripting skills (PowerShell ...

experience Onboarding Windows, Linux/Unix, and network devices to PAM Knowledge of AD privileged accounts and SIEM integration Understanding of ISO 27001/NIST CSF frameworks Strong troubleshooting and documentation skills Desirable: Degree in InfoSec, CS, or STEM Beyond Trust certifications Experience with other PAM platforms (CyberArk, Delinea) Scripting ...

system logs and authentication systems. Working knowledge of SIEM platforms (e.g. Microsoft sentinel, Splunk, Elastic, QRadar). Desirable: Awareness of security frameworks and methodologies (NIST CSF, MITRE ATT&CK, ISO27001). Qualifications: Desirable: CompTIA Security+, CySA+ or other entry level certification. ...

traceable to MOD security policies and risk appetite. Assurance Activities (Compliance, Risk, Accreditation) Risk & Compliance Conduct risk assessments using MOD-approved methodologies (e.g., NIST, ISO 27005). Produce and maintain Security Risk Assessments (SRAs) and Risk Treatment Plans (RTPs). Identify non-compliances and propose compensating controls. Accreditation & Governance Support ...

traceable to MOD security policies and risk appetite. Assurance Activities (Compliance, Risk, Accreditation) Risk & Compliance Conduct risk assessments using MOD-approved methodologies (e.g., NIST, ISO 27005). Produce and maintain Security Risk Assessments (SRAs) and Risk Treatment Plans (RTPs). Identify non-compliances and propose compensating controls. Accreditation & Governance Support ...

MITRE ATT&CK framework, and security maturity models such as OpenSAMM and C2M2. Strong working knowledge of recognised security frameworks and standards, including NIST Cybersecurity Framework, OWASP, SANS Top 25, and regulatory requirements such as GDPR and PCI DSS. Demonstrated technical expertise across modern technologies and architectures, including virtualisation, cloud … of operating system security and system-hardening practices, including CIS benchmarks. Experience working with information security frameworks and regulatory standards such as ISO 27001, NIST, PCI DSS, GDPR, and Cyber Essentials. Knowledge of general IT audit processes, including conducting risk assessments and supporting audit activities. Exposure to threat hunting, digital ...

complex technical and strategic conversations with confidence and clarity. Serve as a trusted thought partner as clients navigate regulatory compliance requirements, security frameworks (e.g. NIST, ISO 27001, NIS2, DORA), and evolving threat environments. Identify and shape new opportunities within existing accounts, recognising client challenges and translating them into well-formed … complex, multi-site, or multi-cloud enterprise environments. Familiarity with compliance and regulatory frameworks relevant to enterprise clients (NIS2, DORA, ISO 27001, PCI-DSS, NIST CSF). Working knowledge of at least two or more leading security vendors at an architectural level (e.g. Palo Alto/Prisma, Zscaler, Cisco Umbrella ...

escalation, risk acceptance, and risk appetite reporting. Control Framework & Assurance Define and maintain IT and cyber control objectives aligned to: Lloyd’s Minimum Standards NIST/CIS Controls Operational resilience requirements Ensure controls are documented, consistently applied, and reviewed for effectiveness. Drive continuous improvement of the technology control environment. Control ...

architectural mitigations. Excellent advisory skills with the ability to provide architectural governance, extend standards where required (i.e. genomics), support risk taxonomies, and align to NIST CSF and maturity models. Excellent communication skills with the ability to influence senior stakeholders. Nice to have: Immediate availability. Hays Specialist Recruitment Limited acts ...

Hands-on experience working with ISO 27001 in a practical environment is essential Exposure to, or familiarity with, other frameworks such as GDPR, NIST, NIS 2 or AI-related standards would be highly beneficial Strong technical content, product content, customer education or technical writing experience Experience creating guidance, documentation, templates ...

Document findings clearly, prioritise risks, and contribute to client-ready reports. Work with consultants to map findings to frameworks and standards (e.g. ISO 27001, NIST, CIS). Help develop internal tools, scripts, or automation to improve testing efficiency. Participate in threat research and stay current with emerging vulnerabilities and attack ...