1 to 25 of 31 NIST Jobs in Reading

date Assure applicability and delivery of Security Architecture baselines and ensure AI/ML systems comply with relevant regulatory requirements and industry standards, such as the EU AI Act, NIST AI RMF, the Digital Services Act, the Digital Markets Act, GDPR and ISO 27001 Support the testing of AI/ML products, services and models and the adversarial test specification More ❯

OSI model, defence-in-depth, and common security elements Understanding the best practices, control frameworks, and applicable legal and regulatory requirements data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, etc. Demonstrable strong leadership skills, including the ability to develop, mentor and coach others Experience in working in large or More ❯

of working in large, complex technology programmes involving multiple concurrent projects with significant experience of delivering through offshore/nearshore strategic vendors. Knowledge of security frameworks & standards (ISO 27001, NIST, CIS, GDPR, SOC 2) Be experienced in 'hands on' technology software delivery from initiation to implementation. Have knowledge of programme and project management methodology and managing full lifecycle of programmes More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with More ❯

Proficiency in analysing log sources and data normalization using platforms such as Splunk, Elastic, or similar. Frameworks & Methodologies: Deep knowledge of the MITRE ATT&CK framework, Cyber Kill Chain, NIST, and related methodologies. Communication: Excellent verbal and written communication skills, with the ability to work both independently and collaboratively. Desirable Certifications: Possession of or willingness to attain certifications such as More ❯

with advanced troubleshooting capabilities using tools like Wireshark and Fiddler Professional certifications (Cisco, VMware, CISSP, or Microsoft) Cloud security expertise and hybrid infrastructure experience Knowledge of security frameworks (ISO27001, NIST, SANS, CIS, Cloud Security Alliance) Strong stakeholder management and communication skills Team-oriented approach with ability to adapt to rapid change Valid driver's license with flexibility to travel Alignment More ❯

and implementing enterprise-level security architectures within large and complex organizations. Experience evaluating and recommending security technologies, including IAM, network security, cloud security, and endpoint protection solutions. Knowledge of NIST Cybersecurity Framework (CSF), ISO/IEC 27001/27002, or CIS Controls. Experience in securing cloud platforms (e.g., Azure, AWS, Google Cloud) and hybrid cloud environments. Familiarity with security monitoring More ❯

and implementing enterprise-level security architectures within large and complex organisations. Experience evaluating and recommending security technologies, including IAM, network security, cloud security, and endpoint protection solutions. Knowledge of NIST Cybersecurity Framework (CSF), ISO/IEC 27001/27002, or CIS Controls. Experience in securing cloud platforms (e.g. Azure, AWS, Google Cloud) and hybrid cloud environments. Familiarity with security monitoring More ❯

industrial networks. Conduct risk assessments and threat modeling for ICS/SCADA systems and recommend mitigation strategies. Develop and maintain security standards, reference architectures, and best practices aligned with NIST, IEC 62443, and other industry standards. Collaborate with IT, OT, and engineering teams to ensure cybersecurity is integrated into operations and product lifecycle. Define and implement network segmentation, secure remote … of OT protocols (Modbus, DNP3, PROFINET, etc.) and ICS/SCADA systems. Strong knowledge of network security , firewalls, VPNs, IDS/IPS, and security zoning. Familiarity with cybersecurity frameworks: NIST CSF , IEC 62443 , MITRE ATT&CK for ICS . Proficient in developing architecture diagrams, security policies, and risk assessments . Experience working with cross-functional teams in industrial or critical More ❯

for people with: Essential: Good knowledge of best practice information security controls and the potential impact of controls on business operations. Good understanding of security frameworks (e.g. ISO 27001, NIST etc.). Excellent attention to detail and strong written and verbal communication skills in English. Ability to translate technical guidance into clear, actionable requirements. Skilled at identifying security risks and More ❯

start to finish, including client identification, scoping, execution, and invoicing. Work with large enterprise customers to provide security consulting services. Apply established security frameworks and standards such as ISO27001, NIST CSF, CIS Top 18, and COBIT. Demonstrate professional consulting experience in Enterprise IT-security, Cyber Security Governance, Technology Risk Management, Compliance, Business Continuity/DR, and Cloud Security. Ensure client … high-quality solutions tailored to business needs. What We Are Looking For Minimum of 6 years of professional experience in security consulting. Proficiency with security standards and frameworks (ISO27001, NIST CSF, CIS, COBIT). Relevant certifications such as CISSP, CISA, CRISC, CISM, CISMP, ISO 27001 LI, or ISO27001 LA. A Bachelor’s Degree in a related discipline or equivalent experience. More ❯

call and overtime if there are very serious cyber attacks. Location in the UK is flexible. Responsibilities: Help build Element’s IR capability. Implement best practice in line with NIST, SANS and other industry frameworks Govern and coordinate cyber incidents. Act as the lead incident manager and technical authority for Cyber Defence. Conduct thorough investigations to reduce risk. Determine the More ❯

CIPT, or equivalent preferred. Admission to practice law in at least one jurisdiction preferred. Knowledge of AI, cloud computing, and emerging legal data privacy challenges. Familiarity with ISO 27001, NIST, and other security frameworks. Education & Experience: Minimum 8 years of experience in data protection law, privacy compliance, or related legal functions. We welcome talent at all career stages and are More ❯

customer delivery security, and preferably some experience and/or awareness of different security controls in the mobile network core domain. Practical experience with ISO/IEC 2700-series, NIST 800-series, GDPR, Risk Management, and principles of Information Security, Business Continuity, and Crisis Management. Business Acumen: Sound understanding of business processes, risk management, and change management practices. Security Clearance More ❯

Protection architectures and controls, Cryptographic controls (Data at Rest, Data in Transit, Public Key Infrastructure (PKI)), Security Monitoring and System Security Audit. National and international security standards including the NIST Cyber Security Framework, Special Publication 800 Series and other industry frameworks. Familiarity with TOGAF and Archimate. Experience in MOD security policy, processes, and practices (inc Joint Service Publications More ❯

with modern CI/CD tools like GitHub, Jenkins, Bamboo. Ability to translate security policies into effective security controls. Knowledge of security standards and regulations such as ISO 27001, NIST, GDPR. Experience with open-source security tools and securing Azure cloud workloads. Note: Applicants must have the Right to Work in the UK and be based in the UK. Benefits More ❯

process across the organisation Work as part of the GRC team and wider CSO to ensure compliance to industry recognised security certifications/accreditations (such as ISO27001, CE+, CMMC, NIST, FSC, IPSA, etc.) Provide subject matter expert input in maintenance of relevant process documentation as required in addition to owning the security risk management process to include co-ordinate, review More ❯

use of Risk Assessment tools and methodologies across a wide range of industry sectors, You have an in-depth knowledge of industry-standard frameworks and practices, such as the NIST Cybersecurity Framework, NIS-2, JSPs, MITRE) Experience in the implementation of Secure by Design principles Desirable: Graduated in Engineering or Computer Science or hold relevant industry certifications (CISSP, Cisco, CCP More ❯

system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage … certifications. Maintain up-to-date knowledge of legal & regulatory requirements impacting Technology and Operations and its Partners. Apply comprehensive knowledge of legal, regulatory obligations, and industry best practices (e.g., NIST, COBIT, ISO27001, PAS 555) to ensure compliance with technology standards. Schedule and review risk and compliance audits; direct issues to appropriate resources for investigation and resolution. Our people make us … as we continue to deliver for our customers. LI-KS1 Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player who More ❯

and know how to influence/negotiate technical outcomes with 3rd parties, including conflict resolution due to changing priorities. Experience of using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASP the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks. Actively More ❯

techniques that can make our software applications demonstrably more secure and robust. Good understanding of common information security management standards, frameworks, and laws/regulations: e.g . ISO 27001 , NIST , GDPR . Experience of open-source security tools and how they could be used in an enterprise. Experience of securing Azure cloud workloads and environments. Please note, to be considered … InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants whose skills and qualifications are suitable for this position. No terminology More ❯

network of Member Firms for compliance against our information security framework. The ideal candidate will have experience evaluating IT Infrastructure Security technologies, IT general computer controls, industry frameworks (e.g. NIST) and will bring strong information technology audit or security consulting experience to the programme. Location United Kingdom/Europe Main responsibilities The Senior Associate will support with the implementation of … experience in a similar role. Prior experience within a security compliance assurance or auditing position. Understanding of relevant regulatory requirements and assurance processes, including various auditing standards such as NIST and ISO27001 Analytical skills to collect, analyse and interpret information and/or data into useful insight Excellent communication skills, both verbal and written, with the ability to initiate and More ❯

Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks . Support delivery of secure Releases and Features aligned with the relevant Legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master . Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities . … relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities . Cyber Security Assurance . ISO27001 . NIST 800-53 series . MOD Secure by Design . Information assurance . Risk management . High quality of written and verbal communication skills . Experience of working in Secure environments More ❯

Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks • Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master • Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities • Liaise with … the Authority • Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities • Cyber Security Assurance • ISO27001 • NIST 800-53 series • MOD Secure by Design • Information assurance • Risk management • High quality of written and verbal communication skills • Experience of working in Secure environments (Highly desirable) • Experience in Safe More ❯

Security Lead; day to day work is managed by allocated team Scrum Master. Responsibilities and Tasks Support delivery of secure Releases and Features aligned with the relevant legacy or NIST assurance processes through Security Assurance stories agreed with nominated team Scrum Master Create security assurance case for releases, including risk assessments and mitigations for identified defects and vulnerabilities Liaise with … the Authority Escalate relevant security issues via the Security Lead or Security Assurance Lead for resolution at the security working group Knowledge, Experience and Capabilities Cyber Security Assurance ISO27001 NIST 800-53 series MOD Secure by Design Information assurance Risk management High quality of written and verbal communication skills Experience of working in Secure environments (Highly desirable) Experience in Safe More ❯