1 to 25 of 132 NIST Jobs in the Midlands

our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response … and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role based in Dudley, UK, with travel up to 30% of the time. Responsibilities Implement … security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and More ❯

our office in Dudley (UK), we are currently recruiting a driven Cybersecurity & Compliance Manager. Position purpose The Cybersecurity & Compliance Manager will lead Tosca’s efforts to ensure adherence to NIST CFS 2.0, ISO 27001, and other standards. This role focuses on developing security protocols, maintaining documentation, conducting risk assessments, and ensuring regulatory compliance. Responsibilities include managing security infrastructure, incident response … and promoting cybersecurity awareness. The position requires collaboration with Global IT, cross-functional teams, and third-party partners. Key qualifications include experience in cybersecurity and compliance, strong knowledge of NIST and ISO standards, risk management expertise, and effective communication skills. This is a full-time role based in Dudley, UK, with travel up to 30% of the time. Responsibilities Implement … security protocols and manage information security programs Report performance, exceptions, and outages to all audiences transparently. Align disaster recovery with business continuity plans. Ensure compliance with ISO27001, NIST CFS 2.0, and maintain ISMS. Identify risks, develop a comprehensive security plan. Test cyber-attacks regularly to address vulnerabilities. Monitor security trends, adapt strategies. Oversee incident monitoring, detection, response via SOC and More ❯

credentials (e.g., AWS Security, Microsoft SC-200). Experience with security tools and platforms (e.g., SIEM, DLP, vulnerability scanners). Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, GDPR). Our benefits Boots Retirement Savings Plan Discretionary annual bonus Generous employee discounts Enhanced maternity/paternity/adoption leave pay and gift card for anyone expecting or adopting More ❯

/IPS), endpoint protection, encryption, identity and access management (IAM), and security information and event management (SIEM) systems. Strong understanding of security frameworks, standards, and regulations, including ISO 27001, NIST Cybersecurity Framework, GDPR , NCSC Cyber Essentials Plus, with experience in implementing and maintaining compliance with these requirements. Excellent leadership and communication skills, with the ability to effectively communicate security-related More ❯

Deep technical knowledge of security technologies such as firewalls, IDS/IPS, endpoint protection, encryption, IAM, and SIEM systems. Strong understanding of security frameworks and standards, including ISO 27001, NIST, GDPR, and NCSC Cyber Essentials Plus, with experience in compliance management. Excellent leadership and communication skills, capable of conveying security concepts to diverse audiences and building consensus. Analytical skills and More ❯

Technology 3+ years' experience performing IT Audit or security control testing. Knowledge of internal audit methodologies, including risk assessment, execution, and reporting. Proficiency in industry standards and frameworks (e.g., NIST 800-53, ISO 27001/27002). Familiarity with privacy regulations (e.g., GDPR, CCPA) and breach notification laws. Experience with sector-specific frameworks (e.g., HIPAA, PCI). Technical Skills Proficiency More ❯

incident investigation, alert tuning and threat detection) Cloud Security Expertise, particularly within Microsoft 365 and Azure environments Infrastructure Knowledge: networking, Windows, macOS etc. Familiarity with security frameworks & standards i.e. NIST, CIS Benchmarks, NCSC guidelines, ISO 27001 and Cyber Essentials Plus (CE+) Practical experience with PowerShell, Python, and Kusto Query Language (KQL) for automation, analysis, and custom alerting Exposure to programming More ❯

Perform root cause analysis and recommend mitigation strategies. Collaborate on incident handling, reporting, and documentation. Enforce security policies in line with industry standards and regulations (GDPR, ISO, Cyber Essentials+, NIST 800-171). Assist with audits and compliance reporting. Manage and configure network devices with a focus on security. Design and implement secure system architectures and disaster recovery plans. Maintain More ❯

In-depth knowledge of on-premises infrastructure including Windows Server environments, VMware virtualisation, Hyper-V virtualisation, Backup & Disaster Recovery, SAN storage solutions Hands-on experience with security frameworks like NIST, ISO 27001, or CIS Controls Familiarity with DevOps practices and experience with CI/CD pipelines for Azure-based deployments. Proficiency in scripting and automation using PowerShell, Azure CLI, BASH More ❯

/AKS), and infrastructure protection. Hands-on knowledge of DevSecOps, IaC (Terraform), CI/CD pipelines, and tools like Veracode, Trivy, and Checkov. Familiarity with standards such as CIS, NIST, GDPR, ISO and frameworks like MITRE ATT&CK. Strong programming/scripting skills (Python, Go, Groovy) with a clean, secure coding ethos. Ideal Candidate Profile Expert in Azure cloud security More ❯

risk/vulnerability assessments and incident management. Experience first and second line support Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001/27002, NIST Cybersecurity Framework – 2.0 ideally version 2, PCI DSS v4.0 Exceptional communication and stakeholder engagement skills. Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of ITIL More ❯

risk/vulnerability assessments and incident management. Experience first and second line support Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001/27002, NIST Cybersecurity Framework – 2.0 ideally version 2, PCI DSS v4.0 Exceptional communication and stakeholder engagement skills. Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of ITIL More ❯

risk/vulnerability assessments and incident management. Experience first and second line support Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001/27002, NIST Cybersecurity Framework – 2.0 ideally version 2, PCI DSS v4.0 Exceptional communication and stakeholder engagement skills. Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of ITIL More ❯

risk/vulnerability assessments and incident management. Experience first and second line support Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001/27002, NIST Cybersecurity Framework – 2.0 ideally version 2, PCI DSS v4.0 Exceptional communication and stakeholder engagement skills. Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of ITIL More ❯

risk/vulnerability assessments and incident management. Experience first and second line support Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001/27002, NIST Cybersecurity Framework – 2.0 ideally version 2, PCI DSS v4.0 Exceptional communication and stakeholder engagement skills. Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of ITIL More ❯

risk/vulnerability assessments and incident management. Experience first and second line support Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001/27002, NIST Cybersecurity Framework – 2.0 ideally version 2, PCI DSS v4.0 Exceptional communication and stakeholder engagement skills. Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of ITIL More ❯

/vulnerability assessments and incident management. Experience with first and second line support. Strong analytical thinking and attention to detail. Familiarity with compliance frameworks like ISO 27001/27002, NIST Cybersecurity Framework 2.0 (preferably version 2), PCI DSS v4.0. Exceptional communication and stakeholder engagement skills. Experience with Microsoft Azure Security tools (Defender for Endpoint, Sentinel, Purview). Understanding of ITIL More ❯

multiple information sources. Enhance the security posture of UK and US operations, recommending and implementing security measures. Ensure compliance with relevant security policies and regulations. Familiarity with ISO and NIST frameworks is advantageous. Prepare and present security reports regularly. Coordinate with infrastructure and development teams for threat remediation. Stay updated on cybersecurity trends and threats, engaging in ongoing professional development. … experience in languages like PowerShell, C, C#, VB, Python, Perl, Ruby, and .NET. Strong multitasking, communication, and project management skills. Knowledge of security frameworks such as ISO 27001 and NIST CSF. Cybersecurity certifications like Security+, CSA, SC-900, CC, CySA+, GSEC are beneficial but not mandatory. Familiarity with tools like Zscaler, Mimecast, CrowdStrike, SIEM, Cisco, Microsoft Defender, Azure, AWS, Cloudflare More ❯

environment Qualification Broad technical knowledge of cyber security controls demonstrated by attainment of appropriate qualifications e.g. CISSP, ISO27001 Lead Implementor or relevant SANS GIAC or equivalent Knowledge of the NIST framework, PCI DSS, GDPR and NIS as well as NCSC cyber guidance. Experience working in an agile delivery environment would be highly advantageous. Specific cyber knowledge and demonstrable experience in More ❯

to successful completion. You’ll also bring: Broad experience in the field of Solution Architecture and considerable experience in Information Security. Familiarity with information security risk management. Conversant with NIST cyber security framework and knowledge of the ISO/IEC 27000 series of information security standards and other related industry best-practice standards. Strong analytical skills coupled with the ability More ❯

test, and deliver Security Policy as code for a variety of Public Cloud compute services and Container platforms leveraging native services. Understand industry standard controls such as CIS/NIST/GDPR/ISO/CSA CCM/MCSB to deliver compliant solutions through appropriate adoption, configuration and management of key controls. Deliver security work stream activities and tasks against More ❯

in the response process and standardisation. About You We are keen to hear from candidates with a good understanding of information security frameworks, standards and security best practice (ISO27001, NIST CSF, Cyber Essentials, OWASP). You’ll have demonstrable knowledge and adherence to data protection legislation and regulatory requirements (e.g. GDPR, FCA SYSC, PCI DSS), as well as extensive experience More ❯

ideally in payments or fintech), with proven Second Line of Defense responsibilities in InfoSec and IT Compliance & Frameworks : Demonstrated success meeting GDPR, EU NIS2, and familiarity with ISO 27001, NIST, and cybersecurity best practices Risk & Governance : Skilled in conducting risk assessments, defining mitigation strategies, and creating/enforcing security policies Good technical understanding of IT infrastructure, software development, hardware, data More ❯

response to cyber security incidents, ensuring timely resolution and root cause analysis. * Oversee the development and implementation of information security compliance and assurance programmes. * Ensure alignment with ISO 27001, NIST, and other relevant security frameworks. * Collaborate with the SOC to monitor, detect, and respond to cyber threats. * Manage governance, risk, and compliance (GRC) activities, including risk assessments and mitigation strategies. … technologies, and regulatory changes. * Support internal and external audits and regulatory inspections. ________________________________________ Essential Skills & Experience: * Proven experience in cyber security operations and incident management. * Strong knowledge of ISO 27001, NIST, and related frameworks. * Experience with GRC processes and tools. * Familiarity with SOC operations and threat detection technologies. * Excellent understanding of the cyber threat landscape and mitigation strategies. * Demonstrated ability to … be handled with the utmost confidentiality, and we will always consult you before submitting it to any client. ________________________________________ Keywords: Cyber Security Lead, Incident Management, InfoSec, Cyber Assurance, ISO 27001, NIST, CISSP, CISM, GSLC, CCP, GIS, GRC, SOC, Risk Management, Threat Intelligence, Defence, Stakeholder Engagement, SC Clearance, Cyber Compliance, Security Governance, Security Awareness, West Midlands, Cyber Risk, Cyber Strategy, Adecco More ❯

knowledge of security technologies, risk assessment, and vulnerability management. Hands-on experience with security monitoring tools and incident response. Familiarity with compliance standards such as ISO 27001, GDPR, and NIST frameworks. Strong analytical skills with meticulous attention to detail. Excellent communication skills, with an ability to explain technical matters to non-technical stakeholders. #J-18808-Ljbffr More ❯