1 to 25 of 34 NIST Jobs in the Thames Valley

ll bring: 5+ years in InfoSec, IT Security or Ops within a regulated environment Certification required: CISSP, CISM, CRISC, or equivalent Strong knowledge of ISO27001:2022, SOC2 Type II, NIST CSF, PCI DSS, GDPR, DORA Confident with security risk assessments, audit responses, and policy governance Hands-on cloud security experience: ideally with Azure and the Shared Responsibility Model Comfort with More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

of working in large, complex technology programmes involving multiple concurrent projects with significant experience of delivering through offshore/nearshore strategic vendors. Knowledge of security frameworks & standards (ISO 27001, NIST, CIS, GDPR, SOC 2) Be experienced in 'hands on' technology software delivery from initiation to implementation. Have knowledge of programme and project management methodology and managing full lifecycle of programmes More ❯

Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security frameworks (e.g., NIST, ISO 27001, CIS Controls) Cloud security experience across major hyperscalers Required Certifications: Zscaler Certified Architect (ZCA) Zscaler Certified Engineer (ZCE) Advantageous Certifications Palo Alto Networks Certified Cloud Security Engineer (PCCSE More ❯

Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security frameworks (e.g., NIST, ISO 27001, CIS Controls) Cloud security experience across major hyperscalers Required Certifications: Zscaler Certified Architect (ZCA) Zscaler Certified Engineer (ZCE) Advantageous Certifications Palo Alto Networks Certified Cloud Security Engineer (PCCSE More ❯

Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security frameworks (e.g., NIST, ISO 27001, CIS Controls) Cloud security experience across major hyperscalers Required Certifications: Zscaler Certified Architect (ZCA) Zscaler Certified Engineer (ZCE) Advantageous Certifications Palo Alto Networks Certified Cloud Security Engineer (PCCSE More ❯

background in Security Risk and Governance with hands-on experience in Archer (experience with other GRC tools is also valuable). Solid understanding of risk assessment methodologies, security frameworks (NIST, ISO 270001), and compliance requirements (GDPR, PCI DSS, SOX). Strong written communication skills, able to produce clear technical reports and risk documentation. Excellent stakeholder management, able to collaborate across More ❯

Ability to lead technical conversations, influence customer decisions, and deliver trusted advisory services Existing SC clearance or eligibility to apply Desirable Skills & Certifications Familiarity with industry security frameworks (e.g., NIST, ISO 27001, CIS Controls) Cloud security experience across major hyperscalers More ❯

incidents. What We're Looking For : Proven experience as a Security Architect or similar role in the engineering sector. Strong knowledge of security frameworks, standards, and best practises (e.g., NIST, ISO 27001). Proficiency in security tools and technologies (e.g., firewalls, intrusion detection systems). Excellent analytical and problem-solving skills. Ability to communicate complex security concepts to non-technical More ❯

incidents. What We're Looking For : Proven experience as a Security Architect or similar role in the engineering sector. Strong knowledge of security frameworks, standards, and best practises (e.g., NIST, ISO 27001). Proficiency in security tools and technologies (e.g., firewalls, intrusion detection systems). Excellent analytical and problem-solving skills. Ability to communicate complex security concepts to non-technical More ❯

matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. More ❯

matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. More ❯

security, application security, identity management, cloud security, and endpoint security including knowledge of firewalls, intrusion detection systems, encryption, and other security technologies and industry standards and frameworks such as NIST, ISO 27001, and IEC 62443. Effective communication skills so that you can explain complex security concepts to non-technical stakeholders and for collaborating with other IT and engineering professionals and More ❯

security, application security, identity management, cloud security, and endpoint security including knowledge of firewalls, intrusion detection systems, encryption, and other security technologies and industry standards and frameworks such as NIST, ISO 27001, and IEC 62443. * Effective communication skills so that you can explain complex security concepts to non-technical stakeholders and for collaborating with other IT and engineering professionals and More ❯

fast-paced, client-facing environments. What We’re Looking For 5+ years in cyber strategy, transformation, risk management, or cyber maturity assessments. Knowledge of industry standards and regulations (e.g. NIST CSF, ISO27001, GDPR, NIS2). Strong consulting skills — stakeholder management, project delivery, and team leadership. Relevant certifications (CISSP, CISM, CISA, MSc Cyber Security, or equivalent) are desirable. Excellent communication skills More ❯

practical work such as conducting AI risk assessments, advising on ethical implications, and developing operational policies for clients. A strong understanding of key AI governance standards and regulations (e.g., NIST AI RMF, EU AI Act), ideally demonstrated by a professional qualification such as ISO 42001 or IAPP AIGP. We value practical experience and are committed to supporting the right candidate More ❯

this position must have: Hands-on experience with disaster recovery, failover testing, and operational resilience in IT infrastructure. Solid understanding of business continuity and security frameworks (e.g. ISO27001, ISO23001 NIST) and how to evidence controls. Experience producing and maintaining high-quality technical documentation and runbooks. Strong coordination skills with cross-functional teams. Proficiency with infrastructure tooling and at least one More ❯

and frameworks . Provide advisory guidance to cross-functional teams during AI/ML system design and deployment. Contribute to regulatory compliance efforts (EU AI Act, GDPR, ISO 27001, NIST AI RMF, etc.). Support incident response teams in handling AI/ML-related security events. Your Profile Wed love to hear from you if you have: Strong experience as More ❯

security architecture and engineering within Defence or Critical National Infrastructure. Knowledge of risk management methodologies and security assurance. Desirable Skills Experience with IEC/ISA 62443 standards. Familiarity with NIST 800-82, ISO 27001, and Defence Security standards (e.g., JSPs). Previous MOD/Defence and or Nuclear experience. Due to the nature and urgency of the role, candidates are More ❯

Bash, PowerShell). Previous experience in defence, government, or secure environments. Desirable Skills Industry-recognised network certifications (e.g. CCNA, CCNP, JNCIP, CompTIA Network+). Exposure to security frameworks (ISO27001, NIST, MOD standards) If you are interested in this role or wish to apply, please feel free to reply to this advert with your CV or call me on (phone number More ❯

deliver the strategic roadmap for global Cyber GRC. Lead and develop a high-performing team across multiple regions. Oversee risk management, assurance, and compliance aligned with frameworks such as NIST, ISO27001 and CIS. Drive third-party and M&A cyber risk management. Deliver clear, data-driven insights and dashboards for senior stakeholders. Champion a strong security culture and continuous improvement More ❯

/ML systems and pipelines . Ensure solutions comply with European financial services regulations (GDPR, PSD2, DORA, NIS2) as well as emerging AI governance frameworks (e.g., EU AI Act, NIST AI RMF). Integrate security into DevSecOps and MLOps pipelines , including CI/CD and infrastructure-as-code environments. Drive adoption of Zero Trust principles, encryption standards, IAM policies, and … Management (IAM) Network and Application Security Data Protection & Encryption Kubernetes, Containers, and DevSecOps/MLOps practices SIEM, logging, and monitoring Zero Trust architectures Skilled in applying frameworks such as NIST CSF, ISO 27001, PCI DSS, CSA CCM, NIST AI RMF . Hands-on with tools for vulnerability management, secrets management, CSPM, and CWPP . Relevant certifications strongly preferred (CISSP, CCSP More ❯

certification, and be compliant with DORA, NIS 2, GDPR, etc. Requirements: ISO 27001 Lead Implementer or Auditor certification Strong knowledge of frameworks like ISO 27001/27002, CAF, eCAF, NIST, GDPR Client and stakeholder management The client is looking for someone with direct experience with utility providers or experience working with providers via Third-Party suppliers. If you're interested More ❯