19 of 19 NIST Jobs in the Thames Valley

of working in large, complex technology programmes involving multiple concurrent projects with significant experience of delivering through offshore/nearshore strategic vendors. Knowledge of security frameworks & standards (ISO 27001, NIST, CIS, GDPR, SOC 2) Be experienced in 'hands on' technology software delivery from initiation to implementation. Have knowledge of programme and project management methodology and managing full lifecycle of programmes More ❯

risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with More ❯

ensure proper actions are taken to block further attacks. 5. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key Skills & Experience: o Proficient in More ❯

accountability, and inclusion. The ideal candidate will have: Proven senior leadership experience in information security within large, complex organizations. Deep knowledge of information security standards and frameworks (e.g., CIS, NIST, ISO-27001). Experience managing PCI-DSS compliance across multiple payment channels. Strong understanding of GDPR and experience leading a privacy team. Experience leading and developing teams of specialists. Exceptional More ❯

security policies and standards. • Oversee strategic delivery progress reporting. Essential Skills & Abilities: • 7+ years strategic cybersecurity experience. • Current Security Professional Certification (CISSP, CISM). • Proven understanding of security frameworks (NIST, ISO 27001, TOGAF, SABSA). • Deep understanding of AI/ML concepts, algorithms, models, regulations and controls. • Extensive technical experience in AI/ML Security Architecture • Proven threat modelling, risk More ❯

iDP (identity providers) Email authentication (SPF, DKIM, DMARC) Networking and protocols such as DNS, LDAP, HTTP Experience with security standards and frameworks such as ISO, MITRE and/or NIST CISSP, CCSP or other industry certification is beneficial. In addition to the above, if you have a consultative approach to problem solving and/or have a desire to pivot More ❯

Knowledge on security models such as ITIL, ISO27002, PCI DSS and Cobit 5  Experience on Security tools & Technologies  Integration of testing mechanisms with industry best practices such as OWASP & NIST  Good Understanding of IT security policy, procedure, design, and implementation. Behavioral Skills –  Ability to handle multiple strategic & critical projects/deliveries simultaneously  Effective interpersonal, Coaching, team building and communication skills. More ❯

Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security frameworks (e.g., NIST, ISO 27001, CIS Controls) Cloud security experience across major hyperscalers More ❯

management response is well defined. Engage risk review and assurance activities across existing suppliers. Provide IT and business advice on aspects of security standards and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Engage with I&T system owners to provide training in relation to information security, cyber resilience, phishing, and facilitation of cyber scenario desktop simulations … controls and consequences across both IT and manufacturing environments in manufacturing or similar industries. Experience working with information security standards and frameworks such as and regulations such as ISO27001, NIST CSF, PCI DSS, NISD and NIS2. Proven analytical, problem-solving, planning, project delivery and supplier work packages management skills. Demonstrable experience of engaging across all levels of a company in More ❯

breaches and collaborate with SecOps for investigations and control changes. -Contribute to the creation and maintenance of security policies, standards, procedures, and documentation. -Support the maintenance of the companies NIST capability maturity. What do you need to be successful? -Experience as a Security Engineer or in a similar role with a strong background in IT Security/IT Operations. -Demonstrable … expertise in security controls and architecture. -Proficiency in security frameworks such as ISO, NIST, and OWASP. -Knowledge of Cloud infrastructure (e.g., Azure). -Experience with security technologies (e.g., SIEM, EDR, IPS, web and email gateways). -Qualifications (desirable): CISSP or similar certification, TOGAF or similar architectural framework certification, Vendor technology training/certifications (e.g., SIEM, EDR, IPS), Experience in security More ❯

system (ISMS) capable of demonstrating compliance against internal security requirements and external commitments including certification and regulatory requirements. Provide subject matter expertise in the application of established standards including NIST, PCI-DSS, GDPR, COBIT, ISO 27001 and Cyber Essential compliance to any new or existing programme of work. Prepare and support internal and/or external compliance audit activities. Manage … certifications. Maintain up-to-date knowledge of legal & regulatory requirements impacting Technology and Operations and its Partners. Apply comprehensive knowledge of legal, regulatory obligations, and industry best practices (e.g., NIST, COBIT, ISO27001, PAS 555) to ensure compliance with technology standards. Schedule and review risk and compliance audits; direct issues to appropriate resources for investigation and resolution. Our people make us … as we continue to deliver for our customers. LI-KS1 Possess one of the Risk or security certifications (CISSP, CRISC, CISM). Have good knowledge and practical experience of NIST, PCI-DSS, GDPR, COBIT, ISO 27001, or Cyber Essentials. Previous experience in a similar role, with the ability to work in a dynamic and changing environment. Excellent team player who More ❯

and know how to influence/negotiate technical outcomes with 3rd parties, including conflict resolution due to changing priorities. Experience of using common information security management frameworks, such as NIST, PCI, GDPR, ISO Series, OWASP the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks. Actively More ❯

techniques that can make our software applications demonstrably more secure and robust. Good understanding of common information security management standards, frameworks, and laws/regulations: e.g . ISO 27001 , NIST , GDPR . Experience of open-source security tools and how they could be used in an enterprise. Experience of securing Azure cloud workloads and environments. Please note, to be considered … InfoSec, Security, Security Strategy, Best Practice, Programming, Code, C++, C#, C, .NET Core, Java, JavaScript, Node.js, Angular, React, OWASP, Agile, Application Threat Modelling, Security Policy, Security Controls, ISO 27001, NIST, GDPR, Cloud, Azure. Please note that due to a high level of applications, we can only respond to applicants whose skills and qualifications are suitable for this position. No terminology More ❯

including accommodation). Ideal candidates are those with strong technical security knowledge (e.g. Networks, IT Infrastructure, Cloud etc.), as well as experience working to HMG Frameworks/Policies (e.g. NIST, Secure by Design). You must have the ability to produce High/Low Level Designs, as well as be comfortable communicating to both technical and non-technical stakeholders. Key More ❯

access control, authentication, and encryption standards across platforms. Work with data scientists and engineers to embed security into model development. Stay current on evolving AI regulations (EU AI Act, NIST AI RMF, GDPR, etc.). Support adversarial testing, model bias assessments, and trustworthiness evaluations. Contribute to training and awareness initiatives on AI/ML security best practices. Act as a More ❯

and controls processes. Good understanding of the retail industry and its needs towards technology risks and controls. Strong understanding with various control frameworks and regulatory requirements, such as COBIT, NIST-CSF, Sarbanes-Oxley (SOX), Privacy (CCPA, GDPR, etc.), and other leading practice frameworks. An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an More ❯

roles Strong knowledge of Azure, DevOps/cloud engineering, and platform reliability Experience driving observability and monitoring strategies across large-scale services Good working knowledge of cybersecurity practices, frameworks (NIST, ISO 27001, Cyber Essentials), and audit processes Vendor, contract, and license management experience across software and infrastructure suppliers Skilled communicator with experience managing stakeholders across business and technical teams Budget More ❯

roles Strong knowledge of Azure, DevOps/cloud engineering, and platform reliability Experience driving observability and monitoring strategies across large-scale services Good working knowledge of cybersecurity practices, frameworks (NIST, ISO 27001, Cyber Essentials), and audit processes Vendor, contract, and license management experience across software and infrastructure suppliers Skilled communicator with experience managing stakeholders across business and technical teams Budget More ❯

Drive innovation and thought leadership within the Practice by defining standards, sharing knowledge, and mentoring peers Influence customer outcomes through expert knowledge of DevSecOps tools and compliance frameworks like NIST, CIS, SOC 2, and PCI DSS You'll travel to client sites across the UK, working directly with business and technical stakeholders to drive real business value What you'll More ❯