1 to 25 of 657 NIST Jobs in the UK

the company's information protection requirements. Performs or coordinates internal security assessments, penetration tests, vulnerability scans, and assess organization cybersecurity maturity Complying with frameworks and regulations such as COBIT, NIST (800-53, cybersecurity), ISO, ITIL, PCI, GLBA, GDPR, HIPAA, and other data privacy and security standards and regulations. Provides internal customer support via assigned tickets for security-related issues, while … Systems, Computer Science, or similar discipline. Provides a documented work history that includes a minimum of 5-years experience in Information Security. Proficiency in security framework models such as NIST, etc., implementing and auditing security measures, security response, and incident management. Possess a working knowledge of Cisco network switches, routers, firewalls and VPN, network security, administration of DLP, antivirusantimalware, IDS … Ability to manage and continuously improve upon vulnerability management program. Ability to propose solutions for closing identified vulnerabilities in the infrastructure. Desired Qualifications: Certified Information System Security Professional (CISSP), NIST Cybersecurity Framework (NCSF), Certified Cloud Security Professional (CCSP) andor Certified Ethical Hacker (CEH) Knowledge and experience with Microsoft Office and Visio. Knowledge of WAN technologies including MPLS, SD WAN. Knowledge More ❯

maintain security policies, procedures, and incident response plans on managed devices. Conduct security awareness training and advise clients on best practices. Assist in security audits, compliance initiatives (ISO 27001, NIST, GDPR, etc.), and regulatory assessments. Be a technical specialist who is responsible for engaging and scaling with other teams within and outside the organisation throughout the sales cycle, engaging partners … as KQL. Hands-on experience with threat detection, incident response, and forensic analysis. Deep understanding of Palo Alto XSOAR or similar. Familiarity with compliance standards such as ISO 27001, NIST, CIS, GDPR, and HIPAA. Proficiency in scripting and automation (Python, PowerShell, Bash) is a plus. Deep technical understanding of Microsoft security architectures, solutions and technologies. Relevant security certifications such as More ❯

security risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standards and frameworks (e.g. NIST, PCI DSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks' overall security posture. DIMENSIONS Financial : No direct financial … project and architecture teams to plan and deliver remediation activities Supporting the development of relevant security roadmaps and activity plans aligned to Zero Trust principles and common industry frameworks (NIST, PCI DSS etc) Assisting in the review and development of operational processes and procedures required to maintain cyber security for I T services, including managing endpoint compliance, system hardening, host … and data protection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc) preferred Additional technologies/experience: Experience with More ❯

risks, identify vulnerabilities, and create threat models for new and existing systems to prioritize security controls. Compliance and Governance: Ensure solutions comply with regulatory and organizational security standards (e.g., NIST, ISO 27001, GDPR). Solution Design: Lead the design and architecture of security solutions, including identity and access management, data protection, network security, and application security. Technical Leadership: Collaborate with … Expertise in firewalls, IDS/IPS, SIEMs, endpoint protection, and encryption technologies Cloud Security: Proficient in securing cloud platforms (e.g., AWS, Azure, Google Cloud) Standards and Frameworks: Familiarity with NIST, CIS, ISO 27001, and other security standards Certifications (preferred): CISSP, CISM, CISA, SABSA, TOGAF Soft Skills: Strong analytical, communication, and problem-solving skills Desirable Skills: Experience in Agile/Scrum More ❯

implement disaster recovery procedures. Manage cybersecurity projects to ensure timely delivery within budget. Perform or coordinate security assessments, penetration tests, and vulnerability scans. Ensure compliance with frameworks like COBIT, NIST, ISO, PCI, GDPR, HIPAA, etc. Provide internal support for security issues within SLAs. Evaluate and implement CIS controls as needed. Contribute to cybersecurity strategic planning and budgeting. Follow change management … policies. Qualifications Bachelor's degree required; advanced degree highly desirable. Minimum 5 years experience in Information Security. Proficiency in security frameworks like NIST, implementing and auditing security measures. Knowledge of Cisco networking, firewalls, VPN, DLP, IDS/IPS, SIEM, and related technologies. Experience with identity access management solutions such as SAML, OAuth. Relevant security certifications (e.g., CISSP, CISM, CEH) are … highly desirable. Ability to analyze and recommend security improvements. Desired Qualifications Certifications like CISSP, NIST CSF, CCSP, CEH. Knowledge of cloud security (AWS, GCP, Azure). Experience managing Cisco ELA products, Splunk, SolarWinds, Varonis, Darktrace. Experience in HIPAA/FDA regulated environments. Competencies Motivation, initiative, administrative skills, interpersonal skills, self-management, thinking skills, customer orientation, adaptability, problem-solving, and effective More ❯

SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI DSS). Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech More ❯

SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI DSS). Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech More ❯

you will help our clients: Security Architecture: Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS). Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP). Apply risk-based and threat-based … information security, data protection, and security architecture roles, with a focus on cloud security, and compliance. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53/CSF, NIS/NIS2, DORA, UK CNI/OT/IIOT compliance. Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance reporting More ❯

risk assessments and managed mitigation strategies Understanding SWIFT CSP, and operational resilience frameworks Knowledge of implementing and managing ISO27001:2022 Information Security Management Systems Familiar with: SOC2 Type II, NIST CSF, PCI DSS and NCSC guidance Familiarity with Data Protection and Financial regulations i.e. GDPR, FCA regulations, PRA guidelines, UK Data Protection Act, DORA Skills: Technically astute, understands technical risks More ❯

win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What … and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. More ❯

win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What … and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. More ❯

win plans. Maintain and update security policies, procedures, and incident response plans. Deliver security awareness training and advise clients on best practices. Support audits and compliance initiatives (ISO 27001, NIST, GDPR, etc.). Work cross-functionally with internal and external teams, including partner engagements. Research emerging threats and recommend security framework enhancements. Mentor and support junior security team members. What … and KQL. Proven skills in threat detection, incident response, and forensic analysis. Knowledge of SOAR tools (especially Palo Alto XSOAR or similar). Familiarity with compliance standards: ISO 27001, NIST, CIS, GDPR, HIPAA. Bonus: scripting/automation skills (Python, PowerShell, Bash). Deep understanding of Microsoft security technologies. Certifications such as CISSP, CEH, OSCP, CISM, or Security+ are highly desirable. More ❯

We are Creditspring, a new way of borrowing that focuses on its members and provides them with safe and efficient short-term financial products. We're a fast-growing FCA-regulated consumer credit company. We have members, not customers and More ❯

Sentinel (SIEM) for threat detection, log analysis, and incident response. Establish incident response playbooks and conduct forensic investigations when needed. 4. Compliance & Risk Management Ensure adherence to ISO 27001, NIST, GDPR, and CIS Benchmarks. Conduct risk assessments, vulnerability scans, and security audits. Define data protection, backup, and retention policies aligned with Microsoft 365 compliance tools. 5. Network Security & Infrastructure Protection More ❯

support compliance. Collaborate with IT and business units to ensure secure systems development and operations. Compliance & Risk Management Ensure compliance with regulatory and legal security requirements (e.g., ISO 27001, NIST, HIPAA, GDPR, SOX, etc.). Ensure compliance with applicable data protection laws (e.g., GDPR, CCPA, GLBA). Guide Data Protection Impact Assessments (DPIAs) for high-risk financial data processing activities. … Science, or a related field 5-7+ years of experience in information security, preferably in financial services. In-depth understanding of security frameworks (e.g., ISO/IEC 27001, NIST CSF, CIS Controls) and cybersecurity principles, practices, and regulatory requirements in the finance sector. Experience in security technologies such as firewalls, IDS/IPS, SIEM, encryption, and identity management. Experience More ❯

partner concerns. Methodology and Framework Enhancement: Contribute to the development and refinement of enterprise security architecture methodologies, such as TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design … Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in PAM, SSO, Key and Secrets Management, JML, Attestation, RBAC, Identity Governance, Hybrid … Systems Security Professional). CRISC (Certified in Risk and Information Systems Control). Microsoft Cybersecurity Expert incl. M365 Security, Azure Security, Identity & Access Management and Security Operations. AWS Security. NIST Cybersecurity Professional (NCSP) Practitioner. ISO27001. Vendor Qualifications Cisco, VMware, Fortinet, Checkpoint etc. Chartered membership in professional security bodies. More ❯

partner concerns. Methodology and Framework Enhancement: Contribute to the development and refinement of enterprise security architecture methodologies, such as TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design … Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in PAM, SSO, Key and Secrets Management, JML, Attestation, RBAC, Identity Governance, Hybrid … Systems Security Professional). CRISC (Certified in Risk and Information Systems Control). Microsoft Cybersecurity Expert incl. M365 Security, Azure Security, Identity & Access Management and Security Operations. AWS Security. NIST Cybersecurity Professional (NCSP) Practitioner. ISO27001. Vendor Qualifications Cisco, VMware, Fortinet, Checkpoint etc. Chartered membership in professional security bodies. More ❯

partner concerns. Methodology and Framework Enhancement: Contribute to the development and refinement of enterprise security architecture methodologies, such as TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design … Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in PAM, SSO, Key and Secrets Management, JML, Attestation, RBAC, Identity Governance, Hybrid … Systems Security Professional). CRISC (Certified in Risk and Information Systems Control). Microsoft Cybersecurity Expert incl. M365 Security, Azure Security, Identity & Access Management and Security Operations. AWS Security. NIST Cybersecurity Professional (NCSP) Practitioner. ISO27001. Vendor Qualifications Cisco, VMware, Fortinet, Checkpoint etc. Chartered membership in professional security bodies. More ❯

Security qualification (degree, CISSP, or CISM) obtained or in progress. Strong technical acumen with broad knowledge across Information/Cyber Security, Software Development, and IT systems. Working knowledge of NIST CSF. Willingness to learn and expand skills in both Information Security and Financial Services. Ability to work autonomously and flexibly within a team, contributing to an improved Bank security posture. … strong attention to detail. Effective time management and ability to prioritize tasks. Strong analytical and problem-solving skills. Proficiency in Microsoft Office. Interested? Please Apply! SOC ISO ISAO CISSP NIST CSF ISO27000 ISO27001 PCI DSS GDPR Cybersecurity Cyber Security Information Security Infosec Cybersec Risk Infrastructure ISMS 2LOD 2 LOD Second Line of Defence More ❯

Security qualification (degree, CISSP, or CISM) obtained or in progress. Strong technical acumen with broad knowledge across Information/Cyber Security, Software Development, and IT systems. Working knowledge of NIST CSF. Willingness to learn and expand skills in both Information Security and Financial Services. Ability to work autonomously and flexibly within a team, contributing to an improved Bank security posture. … strong attention to detail. Effective time management and ability to prioritize tasks. Strong analytical and problem-solving skills. Proficiency in Microsoft Office. Interested? Please Apply! SOC ISO ISAO CISSP NIST CSF ISO27000 ISO27001 PCI DSS GDPR Cybersecurity Cyber Security Information Security Infosec Cybersec Risk Infrastructure ISMS 2LOD 2 LOD Second Line of Defence More ❯

Security qualification (degree, CISSP, or CISM) obtained or in progress. Strong technical acumen with broad knowledge across Information/Cyber Security, Software Development, and IT systems. Working knowledge of NIST CSF. Willingness to learn and expand skills in both Information Security and Financial Services. Ability to work autonomously and flexibly within a team, contributing to an improved Bank security posture. … strong attention to detail. Effective time management and ability to prioritize tasks. Strong analytical and problem-solving skills. Proficiency in Microsoft Office. Interested? Please Apply! SOC ISO ISAO CISSP NIST CSF ISO27000 ISO27001 PCI DSS GDPR Cybersecurity Cyber Security Information Security Infosec Cybersec Risk Infrastructure ISMS 2LOD 2 LOD Second Line of Defence More ❯

and analyze security logs and alerts, fine-tuning detections and response playbooks. Risk & Compliance Support Work with GRC and compliance teams to implement security controls aligned with ISO 27001, NIST, SOC 2, and GDPR. Support security reviews for third-party vendors, M&A due diligence, and cloud risk assessments. Ensure compliance with regulatory frameworks and internal security policies. Required Skills More ❯

Work with IT, security, and development teams to ensure solutions meet business needs. Required Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and More ❯

SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance More ❯

to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff NB: Please only apply if you are able to work from their Debden (IG10) offices Monday More ❯