/SOC environment. IT certifications such as CompTIA A+, Network+ • Cyber certifications such as CISM, CISA, CEH, or CompTIA Security+ Understanding of regulatory frameworks and industry standards (e.g., NIS, NIST, ISO 27001, GDPR). Experience in scripting or programming languages including PowerShell for automating security tasks. Person Specification: Communication. Structures and conveys information and ideas effectively. Communicates to ensure they …
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff Please only apply if you are able to work from their Debden offices Monday-Friday. Hybrid …
Loughton, Essex, South East, United Kingdom Hybrid / WFH Options
Profile 29
to manage external security operations. Desirable Certifications: Azure Security Engineer Associate, CISSP, OSCP (Offensive Security Certified Professional), CCSP, or equivalent. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2 compliance frameworks. Familiarity with Zero Trust security principles. Other Stuff NB: Please only apply if you are able to work from their Debden (IG10) offices Monday …
Bedford, England, United Kingdom Hybrid / WFH Options
ZipRecruiter
management (IAM) concepts and technologies, including EntraID. Experience with government systems and audits such as OneLogin or GovAssure is highly desirable. Experience with security frameworks and standards, such as NIST, ISO 27001, CyberEssentials Plus, and CIS. Strong understanding of networking protocols, operating systems, and security technologies like firewalls, intrusion detection/prevention systems, and SIEM. Excellent analytical, problem-solving, and …
Lead the design and implementation of secure network architectures for on-premises, cloud, and hybrid environments. Define network security standards, frameworks, and policies aligned with industry best practices (e.g., NIST, ISO 27001, CIS). Develop and maintain secure designs for firewalls, VPNs, intrusion prevention systems (IPS/IDS), network segmentation, and zero trust network access (ZTNA). Collaborate with IT …
at rest throughout the transition. Develop and validate security requirements for cloud platforms (e.g., Azure, AWS) and associated services being adopted. Ensure alignment with regulatory requirements (e.g., ISO 27001, NIST, GDPR) and internal governance policies. Collaborate with infrastructure, network, cloud, and application teams to embed security by design in the migration process. Oversee security tool integration, including and access management …
Watford, Hertfordshire, South East, United Kingdom Hybrid / WFH Options
Hays
diverse audiences. Hands-on experience operating in or collaborating with a Security Operations Centre (SOC). Well-versed in applying recognised risk management methodologies such as ISO 27005 and NIST Risk Management Framework. Strong written and verbal communication abilities, with a focus on clear reporting and stakeholder engagement. Possession of industry-recognised certifications such as CISSP, CISM, CRISC, or CEH …
Employment Type: Part Time, Work From Home
Salary: £28.49 - £36.98 per hour + £36.98 p/h via Umbrella (Inside IR35)
Cambridge, England, United Kingdom Hybrid / WFH Options
Murnen Design
prevention (DLP) Endpoint protection Security operations and incident response Experience in developing and implementing security policies, procedures, and standards. Understanding of legal and regulatory frameworks (e.g., GDPR, ISO 27001, NIST SP 800-171). Excellent communication, collaboration, and interpersonal skills, with the ability to effectively communicate complex technical information to both technical and non-technical audiences. Experience building and leading …
St. Albans, Hertfordshire, United Kingdom Hybrid / WFH Options
Deloitte LLP
risk, as well as using GRC tools and guidance developed for Risk mitigation. Practical knowledge of information security standards and risk assessment frameworks such as ISO 27001, SOC 2, NIST 800-32 Strong knowledge of cyber controls, policies, and procedures. Experience of delivering metrics for senior level audiences. Demonstrate analytical and problem-solving skills. Ability to communicate risks associated with …
encryption, masking and pseudonymisation. Detailed understanding of the information lifecycle and the self assurance framework for Records Management. Experience of implementing data security standards such as ISO27001, PCI DSS, NIST CSF, CAA CAF etc. Ability to effectively manage cyber security risks and can clearly communicate with key stakeholders to minimise the risk to easyJet. DESIRABLE SKILLS Experience leading a Cyber …
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
and Compliance, IT Infrastructure, Engineering, Compliance and AI teams to integrate security tooling and sophisticated security capabilities into business-critical systems. Define frameworks and standards aligned with industry standards (NIST, MITRE ATT&CK) and semiconductor-specific regulatory requirements including export control and SoX compliance. Drive innovation by utilising AI and machine learning technologies to enhance threat detection, incident response, and … Technology or Semiconductor industries. Proven expertise in cloud security architecture and deployments, particularly in AWS, Azure, and/or Google Cloud Platform. Solid understanding of security frameworks such as NIST, MITRE ATT&CK, and relevant semiconductor industry standards. Excellent leadership skills with a track record of building and managing high-performing technical teams. Exceptional interpersonal skills with the ability to …
to agreed timescales, following through to completion Support the creation, implementation and maintenance of information security policies and standards, in accordance with ISO 27001 other relevant frameworks and standards (NIST CSF, IEC 62443, CIS, GDPR etc.) Maintain the department’s information security procedures, including but not limited to information security incident response and business continuity management, conducting tabletop exercises to … information security management and/or security awareness. In-depth expert knowledge of industry standard frameworks and best practices – ISO 27001:2022, ISO 27002:2022, ISO 27005, ISO 31000, NIST and their practical application in a corporate environment to ensure all elements of integrity, availability and confidentiality are adhered to. Extensive experience conducting information security risk assessments, reporting risks Experience …
activity and respond promptly to security incidents and breaches. Design and enforce security policies, standards, and procedures in accordance with industry best practices and regulatory requirements, such as CAF, NIST, ISO27001. Key Skills Required: Knowledge of Fortigate Security Stack including Firewalls, FortiAnalyzer, FortiManager. Knowledge of vulnerability management platforms (Tenable/Nessus/Qualys). Knowledge of threat intelligence, risk management … and cyber incident response frameworks. In-depth knowledge of NCSC Cyber Assessment Framework (CAF), PSN Compliance, Cyber Essentials, NIST, or ISO 27001. Qualifications: Degree or equivalent level qualification or experience. ITIL Foundation certification or equivalent. Professional Security Certifications CISSP, CISM, CEH, CREST, GIAC, or Microsoft Security Certifications (SC-200, SC-300). Benefits: Pension: Employee contribution 5.5% and 12.5% employer …
environments. Deep expertise in Microsoft security technologies including Defender for Office 365, Microsoft Purview, Entra ID (formerly Azure AD), and Intune. Strong knowledge of security frameworks (e.g., Zero Trust, NIST, ISO 27001, CIS), regulatory compliance (e.g., GDPR, HIPAA), and risk management. Solid understanding of cloud identity models, conditional access, MFA, RBAC, and privileged access management. Proficiency with automation and scripting …
Loughton, England, United Kingdom Hybrid / WFH Options
Talkspirit
Excellent interpersonal skills and ability to work onsite daily. Preferred Qualifications Certifications such as Azure Security Engineer, CISSP, OSCP, CCSP. Experience with container security (Docker, Kubernetes). Knowledge of NIST, ISO 27001, SOC 2, and Zero Trust principles. Additional Notes Please only apply if you are able to work from their Debden offices Monday-Friday. No hybrid or remote options …
security threats which remain prevalent throughout critical enterprises, infrastructure, systems, and operations. A successful candidate will be equipped to propose modern solutions embedded with security awareness, that adhere to NIST, NSA, and DoD standards, to proactively mitigate unacceptable loss and unrecoverable downtime throughout their lifecycle. The multidisciplinary proficiencies supporting this initiative are System Security Concepts & Design Principles, Resilient Architecture, Anomaly … for complex weapon and space systems, cryptographic key management, Public Key Infrastructure (PKI) and the NSA's Key Management Infrastructure Experience documenting compliance towards parent specifications and standards (i.e.: NIST SP 800.160, NIST Cybersecurity Framework (CSF) 2.0, DoD Cyber Tabletop Guide, NIST SP 800-57, NIST 800.53 & Risk Management Framework (RMF), MITRE Attack Framework, and DoD Instruction 3150.02) Proficiency in …
Luton, Bedfordshire, United Kingdom Hybrid / WFH Options
Leonardo UK Ltd
and maintain clear, concise reports, metrics, and documentation related to security incidents, risks, and controls. What we need from you; Practical experience of ISO27001/27004/27005 and NIST Risk Management Framework (RMF) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments Good understanding and appreciation of the Engineering development lifecycles and how the …
industrial networks. Conduct risk assessments and threat modeling for ICS/SCADA systems and recommend mitigation strategies. Develop and maintain security standards, reference architectures, and best practices aligned with NIST, IEC 62443, and other industry standards. Collaborate with IT, OT, and engineering teams to ensure cybersecurity is integrated into operations and product lifecycle. Define and implement network segmentation, secure remote … of OT protocols (Modbus, DNP3, PROFINET, etc.) and ICS/SCADA systems. Strong knowledge of network security, firewalls, VPNs, IDS/IPS, and security zoning. Familiarity with cybersecurity frameworks: NIST CSF, IEC 62443, MITRE ATT&CK for ICS. Proficient in developing architecture diagrams, security policies, and risk assessments. Experience working with cross-functional teams in industrial or critical …
Watford, England, United Kingdom Hybrid / WFH Options
Essential Employment
Provide technical escalation support in the absence of a cybersecurity specialist, particularly in coordination with the Security Operations Centre (SOC). – Support compliance with relevant standards (e.g. ISO 27001, NIST, UK GDPR). – Review security aspects of tenders and conduct third-party/vendor risk assessments to ensure alignment with organisational security requirements. – Perform additional security-related tasks as directed … and cloud security. – Ability to assess and communicate technical vulnerabilities in business terms. – Experience working with or within a SOC environment. – Familiarity with risk management frameworks (e.g. ISO 27005, NIST RMF). – Excellent communication and reporting skills. – Relevant certifications (e.g. CISSP, CISM, CRISC, CEH). – Experience with GRC tools and risk registers. – Knowledge of regulatory requirements and data protection laws. …
Hertfordshire, England, United Kingdom Hybrid / WFH Options
Planet Pharma
Requirements: ISO 27001 Lead Implementer or Auditor certification (essential). Demonstrated experience in an Information Security or IT Governance role. Strong knowledge of frameworks like ISO 27001/27002, NIST, GDPR, and related standards. Proven ability to manage audits, compliance reporting, and security training programs. Excellent stakeholder management, communication, and analytical skills. This is an exciting opportunity for someone who …
Bury St Edmunds, England, United Kingdom Hybrid / WFH Options
Hamilton Barnes 🌳
willing to undergo DBS and Counter Terrorist Check. It would be great if you had: Certifications such as CISSP, or other relevant qualifications. Experience with additional frameworks (e.g., SOC2, NIST, NCSC CAF). More than 2 years’ experience delivering IT or cybersecurity solutions. Benefits: 30 days annual leave + 8 bank holidays Additional day off for your birthday 3% employer …
for data extraction and transformation. Prior experience with Data warehousing and Data modelling (Star Schema or Snowflake Schema). Skilled in security frameworks such as GDPR, HIPAA, ISO 27001, NIST, SOX, and PII, with expertise in IAM, KMS, and RBAC implementation. Cloud automation and orchestration tools like Terraform and Airflow. Strong analytical skills to assess data quality, identify inconsistencies, and …