1 to 25 of 29 NIST Jobs in Surrey

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with More ❯

senior management. Skills Preferred Skills/Requirements Ideally around 5 years of experience in cybersecurity or a related field. Knowledge of security frameworks and standards (e.g., ISO 27001, ITIL, NIST). Experience with security tools and technologies (e.g., firewalls, IDS/IPS). Excellent problem-solving and analytical skills. Strong communication and interpersonal skills. Ability to work independently and as More ❯

Security Analyst plays a key role in supporting Allianz UK's Information Security initiatives, with a focus on executing the Governance, Risk, and Compliance (GRC) activities and implementing the NIST Cyber Security Framework (CSF) across the organisation. The NIST analyst will involve in day-to-day GRC operations, such as designing and implementing security controls, interpreting requirements from the Group … Information Security Analyst at Allianz UK, you will be pivotal in advancing the company's Information Security initiatives by executing Governance, Risk, and Compliance (GRC) activities and implementing the NIST Cyber Security Framework (CSF) organization-wide. Your role will involve daily GRC operations, including designing and implementing security controls, interpreting requirements from the Group Information Security Framework, and managing non … analysing potential risks, and monitoring progress on maturity uplifting across security functions. You will be developing and implementing an information security controls catalogue, policies, and procedures aligned with the NIST Cyber Security Framework (CSF). Collaborating with the wider organization to integrate control testing and risk management activities into the existing governance framework. Assisting cross-functional teams and business units More ❯

Job Description: Technology External Assurance Analyst Contract: Hybrid – (1 day per week in office preferred) Location: Staines (TW18 3DZ) or Leeds (LS5 3BF) Permanent - Full time 37.5hours Salary range: £55,000– £65,000 (depending on experience & location) We consider all More ❯

model) Must be able to function in a dynamic environment subject to impromptu changes in schedules and priorities Demonstrate well-developed organizational, written communication, and analytical skills. Knowledge of NIST Cybersecurity Framework, OWASP SAMM, OWASP Top10, and others. Programming Experience preferred CISSP and other security certifications preferred YOU'LL LOVE WORKING HERE BECAUSE YOU CAN Deliver at epic scale. We More ❯

essential. Key Responsibilities: Lead the design and implementation of security management processes for a new service offering. Develop and maintain a unified ISMS aligned with ISO/IEC 27001, NIST, PRISMA, and CoBIT frameworks. Conduct gap analyses and risk assessments to ensure compliance with relevant security standards and regulatory requirements. Collaborate with stakeholders across technical and business teams to embed … certification activities, ensuring documentation and controls are in place and effective. Proven experience in information assurance, cyber security, or risk management roles. Strong knowledge and practical experience with ISO27001, NIST, PRISMA, and CoBIT frameworks. Demonstrated ability to design and implement ISMS in complex, multi-stakeholder environments. Excellent communication and stakeholder engagement skills. Relevant certifications such as CISSP, CISM, ISO27001 Lead More ❯

CISM, or CISSP. Strong information security/assurance, audit, compliance and risk knowledge, experience of IT risk and assurance frameworks, and control assurance assessments (e.g. ISO 27001, CIS 20, NIST, etc). Demonstrable experience in planning, executing and supervision of activities/deliverables such as controls assessments or audits. Demonstrable experience in review and assessment of contractual or regulatory artifacts More ❯

CISM, or CISSP. Strong information security/assurance, audit, compliance and risk knowledge, experience of IT risk and assurance frameworks, and control assurance assessments (e.g. ISO 27001, CIS 20, NIST, etc). Demonstrable experience in planning, executing and supervision of activities/deliverables such as controls assessments or audits. Demonstrable experience in review and assessment of contractual or regulatory artifacts More ❯

reporting ability, with an understanding on how to tailor reports to show improvements and learnings In depth understanding of modern attack techniques and flows Clear and demonstratable understanding of NIST and MITRE Att&ck Methodologies Experience in cloud environments (Ideally Azure) Strong communication skills with evidence of being in a position responsible for taking feedback from technical teams and turning … preferred Security Incident related qualifications (e.g SANS 504) At least 3 years of experience working in an Incident Response position. Experienced responding to global complex security events Experienced using NIST or MITRE frameworks to deploy defensive plans and/or actions Experience explaining the risk of security threats and creating mitigations. Experience of general IT infrastructure technologies and principles. Experience More ❯

at least one of the scripting tools: Python/Perl/PowerShell. Experience collaborating with legal, compliance, and business continuity teams during major incidents Familiarity with frameworks such as NIST 800-61, ISO 27035, or MITRE ATT&CK for incident response planning and execution GIAC Certification GCFE/GCFA/GREM/GNFA/GCIA/GMON Certification in Azure More ❯

processes Stay current on emerging threats, vulnerabilities, and industry trends Nice to Have Experience automating metrics pipelines using scripting, APIs, or business intelligence platforms. Familiarity with regulatory frameworks (e.g., NIST, ISO 27001, CIS) and how they influence security metrics Prior experience working closely with IT operations, application teams, and others to support remediation and reporting efforts What We’ll Give More ❯

processes Stay current on emerging threats, vulnerabilities, and industry trends Nice to Have Experience automating metrics pipelines using scripting, APIs, or business intelligence platforms. Familiarity with regulatory frameworks (e.g., NIST, ISO 27001, CIS) and how they influence security metrics Prior experience working closely with IT operations, application teams, and others to support remediation and reporting efforts What We’ll Give More ❯

at the heart of everything we do, "Brighten everyday life for all". Role Purpose: Unilever's Cyber Security team is a global, product-led function aligned to the NIST Cyber Security Framework. We deliver capabilities across governance, protection, detection, response, and recovery to safeguard our people, operations, and digital assets. Operating alongside our Technology and Data teams, Cyber Security … role will report into the Director for Cyber Security Architecture wherein the incumbent will take on responsibility for the Cyber Security Technology Architecture for 2-3 of the following NIST Product Families, namely, Govern, Identify, Protect, Detect, Respond and/or Recover. The incumbent into this Senior Manager position will line manage 1-2 Architecture Managers and potentially … occasional Graduate Trainee and/or Apprentice placements in their team. RESPONSIBILITIES Becoming a trusted advisor in Security Architecture, pro-actively providing security leadership and guidance to Cyber Security NIST Product Teams, Projects and Third Parties. Developing and designing Cyber Security solutions that will be adopted for the protection of OT, IoT, IT infrastructure, Hybrid Cloud, Zero Trust and IT More ❯

using Python. Deep understanding of distributed systems, networking, storage, and compute management. Strong troubleshooting skills, with experience in root cause analysis and timely resolution. Knowledge of security standards (ISO27001, NIST, GDPR) and infrastructure security best practices. Experienced with monitoring/logging tools like Splunk, Grafana, and the ELK stack. Details for the Python Software Engineer, Python, AWS | Python, TDD & BDD More ❯

network of Member Firms for compliance against our information security framework. The ideal candidate will have experience evaluating IT Infrastructure Security technologies, IT general computer controls, industry frameworks (e.g. NIST) and will bring strong information technology audit or security consulting experience to the programme. Location United Kingdom/Europe Main responsibilities The Senior Associate will support with the implementation of … experience in a similar role. Prior experience within a security compliance assurance or auditing position. Understanding of relevant regulatory requirements and assurance processes, including various auditing standards such as NIST and ISO27001 Analytical skills to collect, analyse and interpret information and/or data into useful insight Excellent communication skills, both verbal and written, with the ability to initiate and More ❯

large-scale environments. Deep experience with Azure - securing workloads and using Azure Sentinel & Defender. Proficiency Nexpose or Qualys. Managing complex, global security incidents (e.g., ransomware, data breaches). Using NIST 800-61 or MITRE ATT&CK to structure incident response strategies. Python, PowerShell, or SOAR platforms to improve efficiency. Familiarity with GDPR, PCI-DSS, and financial regulations (e.g., FCA, PRA More ❯

maintain compliance. To be considered for this role, you should have Proven experience in a senior Information Security leadership role. Strong knowledge of security frameworks such as ISO 27001, NIST, GDPR, and other compliance standards. Expertise in risk management, governance, and security architecture. Hands-on experience in designing and implementing security policies and strategies. Strong stakeholder management and the ability More ❯

following is also necessary: Defence CIS, Land Tactical CIS, pan-Government, and NATO CIS services MOD Equipment in service and upcoming releases within 5 years MOD Secure by Design NIST 800-53 and CSF Framework Beneficial but not essential knowledge includes: EA Sparks and Archimate standards TOGAF enterprise architecture standard ITIL service-oriented architecture approach Cyber Security Qualifications such as More ❯

Technology audits or IT Assurance (e.g., CISSP, CISM, CISA, CRISC, CCAK) A sound understanding of British and International Security Standards (e.g., ISO/IEC 27001, ISO/IEC 27002, NIST, CIS-20, PCIDSS) and the UK regulatory environment (e.g., ICO, FCA, PRA and CQC). Our benefits are designed to make health happen for our people. Viva is our global More ❯

Skills and Experience Minimum 6 years of experience in supporting and implementing Security & Incident Recovery solutions Experience with maintaining hardware, software, and network firewalls and encryption protocols Experience of NIST CSF Respond and Recover domains Deep understanding of Resilience and Recovery Components e.g., Veritas, Dell, Rubrik Experience working with Hyperscalers e.g. AWS, Azure or GCP Preferred Skills and Experience Bachelor More ❯

in sole contributor and operating strategically and tactically. We're looking for candidates with experience in: Managing global security incidents at scale Vulnerability management and remediation programs Frameworks like NIST and MITRE ATT&CK Cloud security (Azure preferred) Reporting and communicating with both technical teams and senior stakeholders Comfortable working closely with senior stakeholders and C suite leadership Details: Location More ❯

cloud, notamment dans le modèles hybrides (AWS, Azure et on-prem). - Posséder une connaissance des réglementations telles que GDPR et HIPAA, et des normes industrielles telles que le NIST Secure Software Development Framework (SSDF) et les projets OWASP (Top 10s, Software Assurance Maturity Model, Application Security Verification Standard) pour s'assurer que les applications répondent aux exigences de conformité. More ❯

adherence to best practices and driving successful outcomes. • Collaborating with external partners to co-create innovative cyber security solutions. • Applying your expertise across vulnerability management, cyber tolerant backup, DORA, NIST, and modern security operations to deliver exceptional client results. Your experience as a Cyber Security Pre-Sales Manager or Senior Cyber Security Pre-Sales Manager will include: • A Bachelor’s More ❯

sales process, ensuring best practices and driving successful outcomes. Collaborating with external partners to co-create innovative cyber security solutions. Applying expertise in vulnerability management, cyber tolerant backup, DORA, NIST, and modern security operations. Your experience should include: A Bachelor’s or Master’s degree in a relevant field. At least 5 years of experience in selling and designing technical More ❯

non-technical teams, translating complex concepts into actionable plans. What You’ll Need: Experience delivering cyber security in OT environments (e.g., SCADA, ICS, DCS). Knowledge of frameworks like NIST, CAF, and NCSC guidelines. Excellent communication skills, with the ability to bridge the gap between technical and business stakeholders. This is a unique opportunity to step into a senior, impactful More ❯