security specialists (preferred). Understanding of data security, governance, and controls (essential). Experience with cloud security solutions and modern threat modeling (preferred). Knowledge of security frameworks like NIST CSF, MITRE ATT&CK (essential). What You'll Get in Return: We offer a competitive salary and benefits, including: Company Pension Scheme Private Medical Insurance Group Income Protection Group
and industry-specific regulations Experience implementing compliance and control frameworks Proficiency in IT governance and quality standards Knowledge of security management frameworks like ISO/IEC 27001, ITIL, COBIT, NIST standards Strong stakeholder management skills High integrity and professionalism in handling confidential matters Familiarity with risk management tools like OneTrust or similar is preferred Benefits: At Sword, we value our
and governance requirements and control identification. Experience delivering cloud-focused security solutions and understanding of modern cyber threats and threat modeling techniques. Good understanding of security frameworks such as NIST CSF, MITRE ATT&CK. Benefits At Sword, our core values and culture focus on caring for our people, investing in training and career development, and building inclusive teams where everyone
or equivalent experience and relevant qualifications. Knowledge of common information security management frameworks, such as International Standards Organization (ISO) 27001, the IT Infrastructure Library (ITIL) or the National Institute of Standards and Technology Cybersecurity Framework. Understanding of networks, systems, applications and Cloud technologies. Familiarity with the principles of cryptography. Knowledge of security testing. Experience of working and learning within a
Engineering Role. Leading delivery of MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Experience in the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Application of Defence standards including Defstan 05-138 & Defstan 05-139. Experience managing risks and services in accordance with customer
Easter Howgate, Midlothian, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
Engineering Role. Leading delivery of MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Experience in the application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Application of Defence standards including Defstan 05-138 & Defstan 05-139. Experience managing risks and services in accordance with customer
Glasgow, Lanarkshire, Scotland, United Kingdom Hybrid / WFH Options
Cathcart Technology
a business environment Exposure to cloud migrations, ideally Azure (some AWS experience also fine) Experience supporting enterprise platforms like IIS & SQL Familiarity with compliance standards (ISO 27001, Cyber Essentials, NIST) There's no on call requirement, though some flexibility around out of hours work may occasionally be needed. This is a genuinely varied and collaborative environment, one where you can
as well as a deep understanding of cyber security regulations as they apply to different sectors Analysis and management of risks and cybersecurity controls. Standards and methodologies: ISO 27000, NIST, SANS CSC, etc. Understanding of Infrastructure, Networking and Cloud environments Knowledge in Identity & Access Management Knowledge in Backup & Recovery technologies and installation Previous experience working with or within an Incident
as well as a deep understanding of cyber security regulations as they apply to different sectors Analysis and management of risks and cybersecurity controls. Standards and methodologies: ISO 27000, NIST, SANS CSC, etc. Understanding of Infrastructure, Networking and Cloud environments Knowledge in Identity & Access Management Knowledge in Backup & Recovery technologies and installation Previous experience working with or within an Incident
Easter Howgate, Midlothian, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
Cyber/Engineering Role. Involvement in MOD accreditation and secure by design processes (ISN2023/09), associated policies and practices across the lifecycle. Knowledge or application of standards including NIST Special Publications (e.g. SP 800-30, 37 & 53). Managing risks and services in accordance with customer, regulatory and legislative expectations. Experience outside of traditional enterprise IT scenarios extending to
or cyber security, or equivalent professional certification. Experience: 3+ years in a Cyber/Engineering role. Involvement in MOD accreditation and secure by design processes. Knowledge of standards like NIST SP 800-30, 37, 53. Experience managing risks and services in compliance with regulations. Experience with software, firmware, and hardware security. Conducting risk assessments, threat modelling, vulnerability analysis. Overseeing security
regulatory drivers (e.g., FCA/PRA Operational Resilience Policy, DORA, SYSC 8, PS 21/3, CP4/24) and relevant industry frameworks (COBIT, ITIL, ISO 27001/22301, NIST CSF). Strong analytical skills with the ability to translate complex technical issues into clear, business-focused recommendations. Possession of strong team working and leadership skills, including the ability to
related Recognised Industry Security Qualifications e.g. CCP, CISSP, CISM or similar (or able to achieve) Proven experience of assessing and managing information risk in line with industry good practice (NIST, ISO 27001) Experience managing a team and working with customers ideally within a complex engineering or industrial setting Benefits: As well as a competitive pension scheme, BAE Systems also offers
of IT Audits, IT Application Controls (ITAC)/IT General Controls (ITGC)/Cyber Security Assessments/Data Privacy Assessments Good understanding of industry frameworks such as COSO, COBIT, NIST, ISO27001, and control frameworks Depth of knowledge of key areas in technology risk, including operations, change, security, resilience at both application and infrastructure layers Experience with data analytics tools and
work, learn, and thrive. What you'll need: Industry best-practices - Strong technical knowledge and experience of Cyber Security best practices, risks, frameworks and standards, including practical application of NIST, MITRE and ISO27001. Related cyber/information qualifications valued e.g. Certified Information Systems Security Professional (CISSP). Security testing - Knowledge and understanding of ethical hacking/security testing best practices
and human-to-machine) Knowledge/understanding of hardware security modules (HSMs) for storing cryptographic keys securely, including integration with enterprise applications for key generation and usage. Familiarity with NIST's Post-Quantum Cryptography (PQC) standardization efforts and practical approaches for transitioning to quantum-resistant encryption schemes. Knowledge of FIPS 140-2 and FIPS 140-3 validated cryptographic modules and
effectiveness of cyber governance. Lead continuous improvement initiatives and mentor key personnel within governance functions. Ensure all policies, procedures, and controls are compliant with regulatory standards (NCSC, ISO 27001, NIST, CIS Controls). Identify, assess, and manage risks to project or organisational goals. Build alignment with executive stakeholders, board members, and external partners to ensure accountability and clear decision-making … processes. Qualifications A proven track record in leading cybersecurity risk and governance transformations in complex or government/defence environments. Deep knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls) and regulatory obligations. Experience designing and implementing cybersecurity governance structures from the ground up. Strong analytical and strategic thinking skills to assess risks and influence operational change. Excellent communication
key regulatory and cyber governance frameworks, including: NCSC CAF (Enhanced Profile) Ofgem NIS CAF Overlay NIS Regulations (UK) ISA/IEC 62443 series ISO/IEC 27001, 31010, and NIST CSF Represent the organisation in regulatory discussions, audits, and cybersecurity working groups Define and govern the security architecture using ISA/IEC 62443 zones and conduits methodology Provide assurance of … SRO, or equivalent), ideally within regulated or Critical National Infrastructure (CNI) sectors Deep knowledge of regulatory and assurance frameworks such as ISA/IEC 62443, NCSC CAF, NIS Regulations, NIST CSF, and ISO/IEC 27001 Proven track record of leading secure digital transformation across complex IT/OT environments Strong understanding of enterprise security architecture, Secure by Design practices