1 to 25 of 951 NIST Jobs in the UK excluding London

re seeking someone with a strong foundation in cybersecurity and IT infrastructure. Ideally, you’ll bring experience or knowledge in the following areas: Familiarity with key security frameworks like NIST 800-53, ISO 27001, CIS Controls, and MITRE ATT&CK. Understanding of information risk management and how to align security controls with business needs. Hands-on experience with network infrastructure More ❯

security risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standards and frameworks (e.g. NIST, PCI DSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks' overall security posture. DIMENSIONS Financial : No direct financial … project and architecture teams to plan and deliver remediation activities Supporting the development of relevant security roadmaps and activity plans aligned to Zero Trust principles and common industry frameworks (NIST, PCI DSS etc) Assisting in the review and development of operational processes and procedures required to maintain cyber security for I T services, including managing endpoint compliance, system hardening, host … and data protection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc) preferred Additional technologies/experience: Experience with More ❯

security risks. To develop and embed best-practice security processes and knowledge into technical teams aligned to Zero Trust principles and in line with industry standards and frameworks (e.g. NIST, PCI DSS). To identify opportunities for automation and optimization and drive maximum value from existing technologies and services to strengthen Clarks’ overall security posture. DIMENSIONS Financial : No direct financial … project and architecture teams to plan and deliver remediation activities Supporting the development of relevant security roadmaps and activity plans aligned to Zero Trust principles and common industry frameworks (NIST, PCI DSS etc) Assisting in the review and development of operational processes and procedures required to maintain cyber security for I T services, including managing endpoint compliance, system hardening, host … and data protection laws and regulations and how they apply to technology environments (e.g. GDPR, PIPL etc) Knowledge of other regulatory or compliance frameworks such as ISO, PCI DSS, NIST etc Likely to hold at least one common security certification (CEH, CCSP, CISSP, OSCP) alongside other relevant IT certifications (ITIL, AMP, Prince2 etc) preferred Additional technologies/experience: Experience with More ❯

SIEM, vulnerability scanners, firewalls, antivirus, and endpoint protection platforms. Familiarity with cloud security (AWS, Azure, or GCP) and hybrid environments. Good understanding of regulatory frameworks and standards (ISO 27001, NIST, PCI DSS). Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. Excellent analytical, problem-solving, and communication skills. Desirable: Experience in the finance or fintech More ❯

response workflows, timelines, and action items for continuous improvement. 8. Compliance and Risk Management: o Ensure all incident response activities align with industry standards, regulations, and best practices (e.g., NIST, ISO 27001, GDPR, HIPAA). o Work with legal and compliance teams to manage incidents within the scope of data privacy laws and regulations. Key skills/knowledge/experience More ❯

prem as well cloud-hosted applications or environments. Experience with CTM frameworks like STRIDE, PASTA, MITRE ATT&CK etc. Experience in conducting assessments against common security standards like ISO27001, NIST CSF, NIST 800-53, CIS benchmarks etc. Experience in assessing, documenting and managing cyber risk, including third-party risk. Experience in driving remediation efforts and implementing technical controls to address More ❯

/IPS), and endpoint security Hands-on experience with log analysis and alert triage, vulnerability scanning and patching and incident response Working knowledge of cyber security and compliance frameworks (NIST, ISO 27001, MITRE ATT&CK). Experience or strong interest in using scripting and automation for security operations Soft Skills: Excellent written and verbal communication skills, with the ability to More ❯

partner concerns. Methodology and Framework Enhancement: Contribute to the development and refinement of enterprise security architecture methodologies, such as TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design … Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in PAM, SSO, Key and Secrets Management, JML, Attestation, RBAC, Identity Governance, Hybrid … Systems Security Professional). CRISC (Certified in Risk and Information Systems Control). Microsoft Cybersecurity Expert incl. M365 Security, Azure Security, Identity & Access Management and Security Operations. AWS Security. NIST Cybersecurity Professional (NCSP) Practitioner. ISO27001. Vendor Qualifications Cisco, VMware, Fortinet, Checkpoint etc. Chartered membership in professional security bodies. More ❯

partner concerns. Methodology and Framework Enhancement: Contribute to the development and refinement of enterprise security architecture methodologies, such as TOGAF and SABSA and Framework adoption such as those in NIST 2.0. Security Tooling Roadmaps: Create detailed roadmaps for security tooling, incorporating vendor investment tracking, horizon scanning, and global threat landscape changes, and communicate these to stakeholders. Baseline Establishment and Design … Experience of Modernised Security Operations Centre including Attack Surface Management. Cloud Security & Risk applied to all service and deployment ISO standards including 27001, 27002, 27005, 270017, 27018, 22301 and NIST CSF 2.0. Technical Security within one or many of the following domains: Identity and Access Management: Expertise in PAM, SSO, Key and Secrets Management, JML, Attestation, RBAC, Identity Governance, Hybrid … Systems Security Professional). CRISC (Certified in Risk and Information Systems Control). Microsoft Cybersecurity Expert incl. M365 Security, Azure Security, Identity & Access Management and Security Operations. AWS Security. NIST Cybersecurity Professional (NCSP) Practitioner. ISO27001. Vendor Qualifications Cisco, VMware, Fortinet, Checkpoint etc. Chartered membership in professional security bodies. More ❯

and present findings to stakeholders or clients. Maintain thorough documentation of investigation steps, timelines, and decisions taken. ️ Compliance & Risk Mitigation Ensure all incident handling aligns with frameworks such as NIST, ISO 27001, and GDPR. Work with compliance teams to manage regulatory reporting during security incidents. Your Profile Essential Skills & Experience: Bachelor’s degree in Computer Science, Information Security, or a More ❯

Work with IT, security, and development teams to ensure solutions meet business needs. Required Skills : Strong knowledge of cybersecurity technologies and practices Expertise in security frameworks (CIS, ISF, Mitre, NIST, or equivalent) Deep understanding of CIS18 controls and security architecture concepts Experience with incident investigation and remediation Proficiency in cloud security (Azure, AWS, or Google Cloud) Excellent stakeholder management and More ❯

SIEM and security monitoring tools for real-time threat detection. Cloud Security Assessments & Compliance Conduct cloud security assessments, penetration testing, and risk analysis . Ensure compliance with ISO 27001, NIST, CIS Benchmarks, GDPR , and other security standards. Collaborate with DevOps teams to integrate security into CI/CD pipelines. Security Automation & Infrastructure as Code (IaC) Automate security policies and compliance More ❯

and present findings to stakeholders or clients. Maintain thorough documentation of investigation steps, timelines, and decisions taken. ⚖️ Compliance & Risk Mitigation Ensure all incident handling aligns with frameworks such as NIST, ISO 27001, and GDPR. Work with compliance teams to manage regulatory reporting during security incidents. Your Profile 🔑 Essential Skills & Experience: Bachelor’s degree in Computer Science, Information Security, or a More ❯

to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff NB: Please only apply if you are able to work from their Debden (IG10) offices Monday More ❯

cloud platforms. Conduct security assessments, threat modeling, and risk analysis for new and existing systems. Develop and maintain security policies, standards, and best practices aligned with industry frameworks (e.g., NIST, ISO 27001, CIS Controls). Collaborate with IT, DevOps, and software development teams to integrate security into the development lifecycle (DevSecOps). Lead security technology evaluations and recommend security tools More ❯

our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response … and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role based in Dudley, UK, with travel up to 30% of the time. Responsibilities Implement … security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and More ❯

our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response … and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role based in Dudley, UK, with travel up to 30% of the time. Responsibilities Implement … security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and More ❯

Microsoft Defender for Endpoint, AlertLogic, Web Application Scanning, Tripwire, Tenable Nessus). Strong problem-solving, analytical, reporting and organizational skills. Experience or understanding of of security compliance frameworks; ISO27001, NIST, SOC2, Cyber Essentials, etc. Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, or similar) are highly desirable. Detail-oriented with a proactive approach to problem-solving. Ability to prioritize tasks effectively More ❯

Microsoft Defender for Endpoint, AlertLogic, Web Application Scanning, Tripwire, Tenable Nessus). Strong problem-solving, analytical, reporting and organizational skills. Experience or understanding of of security compliance frameworks; ISO27001, NIST, SOC2, Cyber Essentials, etc. Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, or similar) are highly desirable. Detail-oriented with a proactive approach to problem-solving. Ability to prioritize tasks effectively More ❯

Experience coordinating with an external SOC or working in a hybrid detection/response model. Knowledge and understanding of Cyber Security frameworks such as CIS Critical Controls v8 and NIST Cybersecurity Framework Regulatory compliance - knowledge of GDPR, ISO-27001 and SOC2 Knowledge of encryption methods and best practices for protecting sensitive data Are familiar with common Operating Systems - Windows, Linux More ❯

credentials (e.g., AWS Security, Microsoft SC-200). Experience with security tools and platforms (e.g., SIEM, DLP, vulnerability scanners). Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, GDPR). Our benefits Boots Retirement Savings Plan Discretionary annual bonus Generous employee discounts Enhanced maternity/paternity/adoption leave pay and gift card for anyone expecting or adopting More ❯

blockchain technology and its cryptographic principles is a plus. Certifications such as CISSP, CISM, AWS Security Specialty, HashiCorp Certified Vault Associate or CCSK. Familiarity with security frameworks such as NIST 800-57, ISO 27001 or PCI DSS. Are you the right candidate? Yes! We truly believe in the power that comes from the diverse backgrounds and experiences our employees bring More ❯

with SIEM platforms and vulnerability management tools. Exposure to SOAR platforms and scripting or development skills (e.g. Python, Bash). Understanding of frameworks such as ISO 27001/2, NIST, SOC, or COBIT. Excellent communication skills, both verbal and written. Location & Workplace Type: This role will be based in Newry, Belfast or Dublin with a Hybrid working model Why Choose More ❯

engineering, or semiconductor industry is beneficial. Effective working with a globally dispersed team across multiple time zones to deliver solutions on time. Experience with security industry frameworks, such as NIST CSF, ISO 27000 series, FAIR risk analysis, and privacy regulations. Proficiency with security tools such as Qualys, Crowdstrike, and Splunk. Experience with incident response and threat hunting. Excellent analytical and More ❯

evolving cybersecurity trends, regulations, and best practices. Degree in a relevant field or professional certification (CISSP, CISM, etc.). Strong understanding of cybersecurity challenges, industry standards (GDPR, ISO 27001, NIST CSF, Cyber Essentials), and risk management. Expertise in networking, operating systems, cloud computing, application security, and endpoint security. Experience managing cybersecurity teams and handling security incidents in a large organization. More ❯