1 to 25 of 350 NIST Jobs in the UK

and improve the organization's defences. Policy and Compliance: Establish and enforce security policies, standards, and guidelines to ensure compliance with regulatory requirements and industry frameworks (e.g., ISO 27001, NIST, GDPR). Conduct regular audits and assessments to identify gaps and ensure adherence to security policies. Reporting and Communication: Provide regular updates to senior leadership on the organization's security More ❯

successful participation in certification audits. Strong understanding of financial services regulations and their impact on information security. In-depth knowledge of information security frameworks, standards, and best practices (e.g., NIST, CIS). Experience with secure software development practices and application security testing. Strong technical understanding of network security, system security, and security architecture. Experience with risk management methodologies and tools. More ❯

/CD pipelines and cloud deployments. Manage output from cloud-native security tools (e.g., AWS GuardDuty, Azure Defender). Ensure compliance with industry regulations and standards (e.g., ISO 27001, NIST, GDPR, HIPAA). Provide security guidance on architecture, design reviews, and cloud migrations. Create and maintain cloud security documentation, training materials, and incident response playbooks. Stay current on emerging cloud More ❯

to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff NB: Please only apply if you are able to work from their Debden (IG10) offices Monday More ❯

infrastructure-as-code security (Terraform, CloudFormation) and cloud security posture management. Strong understanding of identity & access management (OAuth, OIDC, SAML, JWT) and API security. Knowledge of industry frameworks like NIST, ISO 27001, and SOC 2. Experience driving developer enablement and security training initiatives. Excellent communication and collaboration skills to engage with engineering, product, and leadership teams. Preferred Qualifications Security certifications More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

Support incident response and remediation efforts for security breaches. Provide security guidance and training to teams across the organization. Key Skills & Experience: Strong knowledge of security frameworks (ISO 27001, NIST 800-30/53, OWASP) . Experience with risk management methodologies and compliance with MOD and HMG security standards (JSP, Def Stan 05-138/139). Proficiency in security More ❯

with development, operations, and executive teams to ensure security practices are understood and implemented across the organization. Compliance: Ensure security architectures comply with regulations such as GDPR, ISO 27001, NIST, and other relevant standards. Requirements Education: Bachelor's degree in Computer Science, Information Security, or a related field; Master's degree preferred. Experience: At least 10 years in IT, with More ❯

experience in information security, with a focus on network security and architecture. Strong knowledge of malicious lateral movement techniques and mitigation strategies. Experience with security frameworks and standards (e.g., NIST, ISO 27001). Excellent communication and leadership skills. Relevant certifications such as CISSP, CISM, or TOGAF are highly desirable. Previous job roles that may indicate success include Information Security Architect More ❯

dotted-line relationship with the VP of TechOps. Responsibilities Security Strategy & Governance - Define and continuously refine the technical security roadmap that aligns with business objectives, industry best practice (e.g., NIST CSF, OWASP SAMM), and compliance frameworks (SOC 2, ISO 27001, GDPR). Secure SDLC & DevSecOps - Build and maintain guardrails for static/dynamic analysis, container and IaC scanning, SBOM management More ❯

following skills and experience: Strong expertise in defining, delivering, and supporting robust, resilient, and secure enterprise infrastructure. Experience with IT audits and compliance frameworks (CIS, PCI DSS, Cyber Essentials, NIST, ISO 27001). In-depth understanding of network security and compliance in regulated environments. Proven ability to secure high-value data (PCI cardholder data, PII) and implement security best practices. More ❯

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearmans strategy to lead where More ❯

is a core part of our technology services structure with mature or evolving capability across all areas of digital security and cyber defence. We align our efforts to the NIST framework and other recognised certifications including ISO27001 and SOC2 and strive to keep pace with the continually evolving threat landscape, in support of A&O Shearman's strategy to lead More ❯

cyber security technologies (e.g., firewalls, Microsoft enterprise cloud services, VPNs, ZTNA, IDS/IPS, SIEM, Juniper MIST, encryption). Experience with security standards and frameworks such as ISO 27001, NIST, and GDPR. Head of Cyber Security Seniority level Seniority level Mid-Senior level Employment type Employment type Full-time Job function Job function Information Technology Industries Law Practice Referrals increase More ❯

EU AI Act). Experience with third-party and outsourcing risk, AI and digital transformation risks. Experience of developing and operating Technology Risk Management Frameworks such as ITIL, COBIT, NIST, ISO. Demonstrable extensive relevant experience of technology and change/operational risk in either a 1LoD or 2LoD capacity (2LoD preferable). Experience in scenario analysis and resilience impact assessments More ❯

controls, including RBAC and Conditional Access, within Azure AD and Microsoft 365. Collaborate with Risk and Compliance teams to ensure infrastructure aligns with enterprise security frameworks (e.g. ISO 27001, NIST, CIS). Support incident response, vulnerability remediation, and disaster recovery planning. Promote a culture of continuous improvement and secure-by-design principles across the technology team. Provide technical leadership and More ❯

common and emerging vulnerabilities including their manifestation in different architectures (web applications, thick clients, APIs, networked infrastructure etc) Familiarity with industry standard guidance OWASP Top 10, SANS Top 25, NIST/CSC, CIS, NCSC etc. Applied understanding of topics such as authentication, access control, encryption, cloud security, operating system security, network security, database security. Experience of writing succinct, reader oriented More ❯

this role you must have demonstrable hands-on expertise with monitoring and securing enterprise class technology estates. You will have proven experience with Cyber Security best practice including the NIST Cloud Security guidelines. You will support ISO 27001 compliance and have strong documentation skills. Experience in the Telco sector and knowledge of the UK Telecom Security Act would be advantageous More ❯

workflows. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls More ❯

or a related field (or equivalent work experience ) Proven experience in leading identity and access management programs Strong knowledge of security frameworks and standards related to IAM, such as NIST and ISO Strong experience with IGA platforms Familiarity with IAM technologies (e.g., Active Directory, LDAP, OAuth, SAML, etc.) Excellent verbal and written communication skills Ability to work collaboratively in cross More ❯

environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability More ❯

environments to solve real-world security challenges Key Skills & Experience Cyber Security: Experience in cyber strategy, risk management, security architecture, transformation programmes, and regulatory compliance Knowledge of relevant standards: NIST CSF, ISO27001, NCSC CAF, GDPR, NIS2, etc. Certifications such as CISSP, CISM, CISA, M.Inst.ISP, or MSc in Cyber Security Hands-on experience in areas like GRC, cyber threat management, vulnerability More ❯

of working in large, complex technology programmes involving multiple concurrent projects with significant experience of delivering through offshore/nearshore strategic vendors. Knowledge of security frameworks & standards (ISO 27001, NIST, CIS, GDPR, SOC 2) Be experienced in 'hands on' technology software delivery from initiation to implementation. Have knowledge of programme and project management methodology and managing full lifecycle of programmes More ❯