1 to 25 of 265 NIST Jobs in the UK

to technical and non-technical stakeholders, including executive leadership. Governance and Compliance: Ensure all detection processes and tools adhere to regulatory requirements and industry standards (e.g., GDPR, PCI-DSS, NIST). Establish and maintain documentation of detection strategies, processes, and configurations. Professional Technology Skills (the professional technology skills you need to be able to do the job) Ability to: Proven More ❯

with SIEM, SOAR, EDR, UTM, and honeypots. Cloud Security: Understanding of cloud platform security measures (AWS, Azure, etc.) Security Frameworks: Advanced knowledge of frameworks such as MITRE ATT&CK, NIST, etc. Consulting Skills: Risk Management: Ability to assess, prioritize, and manage security risks aligned with client needs Strategic Planning: Capable of developing and executing end-to-end security strategies Communication More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

services. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Implement automated compliance controls and continuous More ❯

compliance standards and regulations (e.g., GDPR, HIPAA, PCI DSS). Conduct regular security audits and assessments to identify and address compliance gaps. Familiarity with industry standards and frameworks like NIST Cybersecurity Framework, ISO 27001, and CIS Critical Security Controls. Familiarity with the use of standard security technology solutions and processes such as user provisioning, directory, SIEM, vulnerability management, Cloud Security More ❯

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

You'll Bring Prior and proven experience gained as a Security Architect or in a technical cyber role. Expertise in: Security legislation (GDPR, PCI DSS, ICO) Frameworks (ISO 27001, NIST CSF, CIS Controls v8) HMG/NCSC policies and guidance Cloud security (AWS, Azure) Microservice architectures PKI, Cryptography, Privileged Access Management Certifications: SABSA, TOGAF, AWS/Azure Architect, CISSP, CISM More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

technical solution design, e.g. Zero Trust, least privilege RBAC, Security by Design, PAM, Segregation of Duties Data Protection and DLP Experience Experience with the following would also be beneficial: NIST, SOC2 and additional compliance and regulatory frameworks Project Management and technical delivery Experience of, or a keen interest in, the business of sport Benefits We offer a benefits package to More ❯

integration, and security-by-design principles. Support Architecture Review Boards and governance processes. Engage with senior business and technology stakeholders to ensure alignment with regulatory and risk frameworks (ISO27001, NIST, FCA, GDPR, PCI-DSS). Required Experience Extensive experience as a Security Architect within large-scale financial services or enterprise environments . Proven ability to design and implement secure architectures More ❯

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out More ❯

query languages (KQL, SPL, AQL) Scripting skills (Python, PowerShell) for automation and enrichment Deep knowledge of threat detection, incident response, and cyber kill chain Familiarity with MITRE ATT&CK, NIST, and CIS frameworks Understanding of network traffic flows and vulnerability management Exposure to ethical hacking and penetration testing Knowledge of ITIL disciplines (Incident, Problem, Change Management) Experience with ServiceNow Security More ❯

OSI model, with the ability to apply layered security controls across infrastructure and cloud environments. Demonstrated ability to assess control effectiveness and identify compliance gaps against frameworks such as NIST, ISO 27001, CIS Benchmarks, and PCI DSS. Experienced in conducting security assessments and aligning solutions with ITSM, ITIL, and service improvement standards. Proven track record in supporting security incidents, implementing More ❯

Qualifications & Experience Strong background in cyber security, with extensive experience in managing security operations, policies, and risk management. Demonstrable knowledge of security standards, frameworks and compliance (e.g. ISO 27001, NIST, Cyber Essentials Plus). Proven experience in developing and delivering cyber security strategies within complex organisations. Hands-on expertise across infrastructure, applications, and cloud environments. Track record of leading incident More ❯

Information Assurance Risk Assessment and Risk Treatment Plans Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such as ISO 27000 series, NIST, CSF, and CSA Identify and deliver appropriate controls based on industry standards (e.g. CCM) to drive cloud and customer security solutions framework based on business risk and cloud native threats. More ❯

evaluate security controls. Ensure solutions comply with 'Secure by Design' principles, corporate policies, and industry frameworks. Assess vulnerabilities, lead risk mitigation, and ensure compliance with industry standards (ISO 27001, NIST, NCSC). Contribute to security design documentation, options papers, and client presentations. Collaborate across 1st, 2nd, and 3rd lines of defense on cyber risk, compliance, and governance. Create and present More ❯

experience in Information Security and/or Information Technology. Professional certification such as CISA, CISM, CISSP, ISO 27001 Lead Auditor, or equivalent. Familiarity with industry standards and frameworks e.g., NIST 800-53, ISO 27001/27002, CIS Controls, COBIT. Experience with control testing methodologies, risk assessments, and auditing tools. Familiarity with IT systems, and cybersecurity practices and domains. Strong analytical More ❯

to undergo DV clearance/UK Citizen/residing in UK Strong working knowledge of: JSP440, JSP604/453, JSP490 MOD/GDS Secure by Design principles ISO 27001, NIST CSF, CIS Controls v8 HMG, NPSA, NCSC policies and guidance Cloud security (Azure, AWS), containerisation, KMS, WAFs Event-driven microservices, network infrastructure, IDS/IPS AI security (ISO42001 desirable), ITHC More ❯

and experience: Strong expertise in defining, delivering, and supporting robust, resilient, and secure enterprise infrastructure. Experience with IT audits and compliance frameworks such as CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001. An understanding of network security and compliance in regulated environments. Strong networking knowledge (LAN, WAN, DNS, DHCP, VPN, TCP/IP). Proficiency in firewall and load balancer More ❯

hands-on security engineering and resilience experience: Hands-on experience in disaster recovery, failover testing, and IT operational resilience. Solid knowledge of business continuity and security frameworks (ISO27001, ISO22301, NIST etc). Proficiency with infrastructure tooling and at least one scripting language (PowerShell or Python preferred). Experience with Nutanix, VMware, Commvault, and hybrid cloud platforms Azure (preferred), AWS or More ❯

experience may compensate for lack of formal education. Certifications such as CISSP, CISM, expert level Azure, or similar are a plus. Familiarity with security frameworks (ISO 27001, SOC 2, NIST, FedRAMP). Competencies Advanced knowledge of cyber security. Excellent leadership, communication, and cross-functional collaboration and mentoring skills. More ❯

network observability and predictive analytics to proactively prevent outages. Security, Compliance & Risk Management: Drive zero-trust security frameworks, ensuring secure and resilient network access. Ensure adherence to ISO 27001, NIST, SOC 2, GDPR, and industry best practices. Collaborate with cybersecurity teams to enhance network threat detection and mitigation. Implement automated security policy enforcement, reducing human intervention in risk mitigation. Financial More ❯

Key Vault, Azure Security Center. Microsoft Sentinel Deep understanding of cloud-native security, zero-trust models, and secure network architecture Familiarity with compliance standards and security frameworks such as NIST, CIS, ISO 27001, GDPR, and HIPAA Excellent verbal and written communication skills with the ability to convey complex technical issues to business leaders Qualifications such as Microsoft Azure Security Engineer More ❯