20 of 20 NIST Jobs in the East of England

the delivery of security advisory services Experience: Knowledge of risk management concepts including risk assessment and risk treatment techniques and methodologies, including: • Risk Assessment methods and frameworks (IRAM2, OCTAVE, NIST, ISO 27005 etc) • Information Security Management System frameworks and standards and their application • Compliance frameworks relevant to financials services including SOX, PCI DSS, SSAE16, etc) • Good working knowledge of one More ❯

for data extraction and transformation. Prior experience with Data warehousing and Data modelling (Star Schema or Snowflake Schema). Skilled in security frameworks such as GDPR, HIPAA, ISO 27001, NIST, SOX, and PII, with expertise in IAM, KMS, and RBAC implementation. Cloud automation and orchestration tools like Terraform and Airflow. Strong analytical skills to assess data quality, identify inconsistencies, and More ❯

for data extraction and transformation. Prior experience with Data warehousing and Data modelling (Star Schema or Snowflake Schema). Skilled in security frameworks such as GDPR, HIPAA, ISO 27001, NIST, SOX, and PII, with expertise in IAM, KMS, and RBAC implementation. Cloud automation and orchestration tools like Terraform and Airflow. Strong analytical skills to assess data quality, identify inconsistencies, and More ❯

for data extraction and transformation. Prior experience with Data warehousing and Data modelling (Star Schema or Snowflake Schema). Skilled in security frameworks such as GDPR, HIPAA, ISO 27001, NIST, SOX, and PII, with expertise in IAM, KMS, and RBAC implementation. Cloud automation and orchestration tools like Terraform and Airflow. Strong analytical skills to assess data quality, identify inconsistencies, and More ❯

ability to influence and align technical and business stakeholders. Preferred Qualifications Experience in a global manufacturing organization. Relevant certifications (e.g., CISSP, CISM, CCSP). Familiarity with frameworks such as NIST CSF, ITIL, ISO 27001, HIPAA, FedRamp. Work Location & Flexibility At Brooks, we aim to foster a collaborative and engaging environment while offering flexibility where possible. Work arrangements may include a More ❯

leadership What You Bring Experience in defence, government, secure manufacturing or similar Strong working knowledge of GovS 007, JSP 440, DEFSTAN & protective security frameworks Familiarity with ISO 27001/NIST/GDPR Experience handling sensitive/classified information Excellent communication & stakeholder engagement skills Ability to work autonomously and influence at senior level DISA/vetting-related accreditation beneficial Why This More ❯

security breaches. • Providing Monthly Information Security reporting. • Maintaining comprehensive documentation of systems, processes, and procedures. KEY SKILLS • You must have demonstrable experience of Information and Cyber Security practices like NIST, Cyber Essentials +, ISO27001. • Familiarity with regulatory compliance and auditing standards. • Ability to identify, assess and mitigate security risks. • Knowledge of penetration testing and vulnerability scanning tools like Nessus and … Science, Information Security, or related field (or equivalent experience). • 3–5+ years of experience in cybersecurity or information security engineering/analysis. • Strong knowledge of MITRE ATT&CK, NIST, ISO 27001, and other frameworks. • Experience with security tools. • Familiarity with scripting languages (Python, Bash, PowerShell) is a plus. • Relevant certifications (e.g., CEH, OSCP, CISSP, Security+, GSEC) preferred. If you … have 3–5+ years of experience in cybersecurity or information security engineering/analysis with relevant certifications, along with strong knowledge of MITRE ATT&CK, NIST, ISO 27001, and other frameworks alongside experience with security tools, and you are looking to join a team at a friendly, supportive company that prides itself on encouraging further professional development then please get More ❯

technologies such as Splunk, Sentinel, and QRadar. Thorough grasp of security standard methodologies and protocols, for instance ISO 27001/27002, PCI DSS. Familiarity with security frameworks such as NIST, ISO, and CIS. Experience with programming languages such as Python, PowerShell, and regex. If you are interested in this role but not sure if your skills and experience are exactly More ❯

toolkit implementation Your Required Skills: Proven leadership in threat intelligence and vulnerability management Strong knowledge of threat actor TTPs, IoCs, and threat hunting methodologies Familiarity with TIPs, security frameworks (NIST, ISO), and OT/ICS environments Excellent stakeholder engagement skills across corporate and operational domains Ability to communicate technical controls to senior leadership Experience influencing security culture and behaviour within More ❯

toolkit implementation Your Required Skills: Proven leadership in threat intelligence and vulnerability management Strong knowledge of threat actor TTPs, IoCs, and threat hunting methodologies Familiarity with TIPs, security frameworks (NIST, ISO), and OT/ICS environments Excellent stakeholder engagement skills across corporate and operational domains Ability to communicate technical controls to senior leadership Experience influencing security culture and behaviour within More ❯

toolkit implementation Your Required Skills: Proven leadership in threat intelligence and vulnerability management Strong knowledge of threat actor TTPs, IoCs, and threat hunting methodologies Familiarity with TIPs, security frameworks (NIST, ISO), and OT/ICS environments Excellent stakeholder engagement skills across corporate and operational domains Ability to communicate technical controls to senior leadership Experience influencing security culture and behaviour within More ❯

toolkit implementation Your Required Skills: Proven leadership in threat intelligence and vulnerability management Strong knowledge of threat actor TTPs, IoCs, and threat hunting methodologies Familiarity with TIPs, security frameworks (NIST, ISO), and OT/ICS environments Excellent stakeholder engagement skills across corporate and operational domains Ability to communicate technical controls to senior leadership Experience influencing security culture and behaviour within More ❯

engineering teams to deliver robust, secure solutions. Responsibilities • Design, develop, and maintain secure system architectures for MOD platforms, applications, and networks • Ensure alignment with relevant standards and frameworks including NIST SP 800-53, ISO 27001, JSP 440, DEF STAN 05-138, and NCSC guidance • Produce and maintain security documentation including Security Architecture Documents, Security Risk Assessments and Security Management Plans … understanding of systems engineering principles and secure development lifecycles • Experience developing artefacts to support MOD security assurance • Hands-on knowledge of risk management frameworks (e.g. HMG IS1/IS2, NIST RMF) • Excellent communication skills, both written and verbal – able to present to technical and non-technical stakeholders Certifications • Certified Information Systems Security Professional (CISSP) • Certified Information Security Manager (CISM) • SABSA More ❯

to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security incident response and business continuity management, conducting tabletop exercises to … information security management and/or security awareness. In-depth expert knowledge of industry standard frameworks and best practices – ISO 27001: 2022, ISO 27002:2022, ISO 27005, ISO 31000, NIST and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to. Extensive experience conducting information security risk assessments, reporting risks Experience More ❯

to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the departments information security procedures, including but not limited to information security incident response and business continuity management, conducting tabletop exercises to evaluate … information security management and/or security awareness. In-depth expert knowledge of industry standard frameworks and best practices ISO 27001: 2022, ISO 27002:2022, ISO 27005, ISO 31000, NIST and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to. Extensive experience conducting information security risk assessments, reporting risks Experience More ❯

to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security incident response and business continuity management, conducting tabletop exercises to … information security management and/or security awareness. In-depth expert knowledge of industry standard frameworks and best practices – ISO 27001: 2022, ISO 27002:2022, ISO 27005, ISO 31000, NIST and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to. Extensive experience conducting information security risk assessments, reporting risks Experience More ❯

security risks. Support AI and automation initiatives to streamline GRC processes. Key Requirements Proven hands-on experience with ServiceNow IRM and risk quantification methodologies. Strong knowledge of ISO 27001, NIST CSF, and NIST SP800-53. Certifications such as CRISC, CISM, CISSP, or FAIR are desirable. Excellent stakeholder management and communication skills. Experience in third-party cyber risk management and post More ❯

security risks. Support AI and automation initiatives to streamline GRC processes. Key Requirements Proven hands-on experience with ServiceNow IRM and risk quantification methodologies. Strong knowledge of ISO 27001, NIST CSF, and NIST SP800-53. Certifications such as CRISC, CISM, CISSP, or FAIR are desirable. Excellent stakeholder management and communication skills. Experience in third-party cyber risk management and post More ❯

incident management, and play a key role in safeguarding our organisation’s digital environment. Communications with key business partners is key regarding risks, threats and SOC performance. Familiarity with NIST Cybersecurity, MITRE ATT&CK, Splunk, Sentinel and ISO27001 is vital What you will be doing: Lead, mentor, and develop SOC analysts and incident responders. Provide technical direction, conduct performance reviews … analysts, building high-performing teams, and managing effective shift models. Confident communicator with the ability to translate complex technical risks into clear business impacts for senior stakeholders. Familiarity with NIST Cybersecurity Framework and MITRE ATT&CK. Understanding of ISO 27001 standards and compliance best practices. Working knowledge of the CREST SOC Maturity Model. Experience applying ITIL processes across incident, problem More ❯

Strong communication skills. Experience producing intelligence reports for varied audiences. Familiarity with cyber threats, threat actors, attack vectors, and vulnerabilities. Knowledge of information assurance standards and frameworks including CIS, NIST, ISO 27001, Cyber Essentials/Essentials Plus, GDPR. Knowledge of threat cyber security frameworks such as MITRE ATT&CK, Kill Chain and NIST CSF 2.0. The ideal candidate will combine More ❯