1 to 25 of 376 NIST Jobs in the UK

automated solutions for vulnerability scanning, threat detection, and incident response, with a focus on continuous process improvement. Risk Management & Threat Intelligence Strong familiarity with security frameworks and standards (e.g. NIST, ISO 27001), and deep understanding of security concepts including vulnerability management, threat intelligence, incident response, and offensive security techniques. Experience in gathering and analysing threat intelligence to understand emerging threats More ❯

experience in information security within financial services Deep understanding of regulatory and compliance requirements for banking and finance Strong track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies Excellent risk assessment and incident management skills Outstanding communication skills with the ability to influence stakeholders at all levels More ❯

experience in information security within financial services Deep understanding of regulatory and compliance requirements for banking and finance Strong track record of designing and implementing security frameworks (ISO 27001, NIST) Hands-on experience with SIEM, DLP, IAM, and endpoint security technologies, specifically Microsoft Defender XDR, Purview and Sentinel Excellent risk assessment and incident management skills Outstanding communication skills with the More ❯

modelling, risk assessments, and incident response . Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve security More ❯

modelling, risk assessments, and incident response . Implement and manage identity and access management (IAM) solutions using SailPoint, OKTA, and BeyondTrust. Collaborate with internal teams to ensure compliance with NIST, MITRE ATT&CK, and ISO27001 frameworks. Provide mentoring, documentation, and knowledge transfer to junior engineers and SOC analysts. Liaise with external vendors, clients, and cross-functional teams to resolve security More ❯

in communicating complex security concepts to non-technical stakeholders and collaborating across departments and third-party providers. (S&I) Demonstrable knowledge of information security frameworks, regulations (such as ISO27001, NIST, and GDPR), and security technologies and controls. (S&I) Proven ability to lead and drive security initiatives, respond to security incidents, and conduct investigations. (S&I) Comprehensive understanding of information More ❯

track record in designing and testing Disaster Recovery solutions across multiple technology stacks. Familiarity with backup solutions, replication technologies, and high-availability architectures. Knowledge of cybersecurity frameworks (ISO 27001, NIST, CIS Controls) and security tooling (EDR, SIEM, vulnerability management). Excellent troubleshooting and problem-solving skills in complex environments. Strong interpersonal skills, able to engage effectively with global teams. Proven More ❯

track record in designing and testing Disaster Recovery solutions across multiple technology stacks. Familiarity with backup solutions, replication technologies, and high-availability architectures. Knowledge of cybersecurity frameworks (ISO 27001, NIST, CIS Controls) and security tooling (EDR, SIEM, vulnerability management). Excellent troubleshooting and problem-solving skills in complex environments. Strong interpersonal skills, able to engage effectively with global teams. Proven More ❯

services. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Implement automated compliance controls and continuous More ❯

firewalls, and proxy solutions.(e.g., F5, Palo Alto, Forcepoint, Cisco ASA) Security & Compliance Integration of security principles (Zero Trust, segmentation, NAC). Familiarity with frameworks such as ISO 27001, NIST, PCI-DSS, and data protection standards (GDPR). Cloud & Virtualisation Experience with AWS, Azure, or GCP networking services (Transit Gateway, VNet, VPC, ExpressRoute, Direct Connect). Understanding of hybrid and More ❯

enterprise-critical infrastructure (e.g., network security, data protection, vulnerability management, access control). Leading disaster recovery planning, business continuity strategies, and incident response. Familiarity with compliance standards such as NIST, ISO 27001, PCI-DSS, and GDPR in the context of data centers, critical IT infrastructure, and application resilience for business survivability. Excellent communication, presentation, and client-facing skills with the More ❯

concepts that clearly communicate value and differentiation. Solution Architecture Design comprehensive security architectures across network, endpoint, identity, cloud, and data protection domains. Ensure alignment with industry frameworks such as NIST, ISO, and CIS, and compliance with regulatory standards (PCI-DSS, HIPAA, etc.). Produce proposals, Bills of Materials (BOMs), high-level designs, and Statements of Work (SOWs). Vendor & Partner More ❯

SPL, AQL. Scripting experience with Python or PowerShell for automation. Deep understanding of threat detection, incident response, and the cyber kill chain. Familiarity with frameworks including MITRE ATT&CK, NIST, and CIS. Strong communication, analytical, and presentation skills. Solid understanding of network traffic flows, vulnerability management, and penetration testing principles. Knowledge of ITIL processes (Incident, Problem, Change Management). Ability More ❯

workflows. Define service level objectives (SLOs) and key performance indicators (KPIs) for all security services. Compliance, Governance & Risk Management: Ensure alignment with global compliance requirements such as ISO 27001, NIST, SOC 2, GDPR, and others. Partner with governance, legal, and ISRM teams to implement enforceable policies and standards across identity, endpoint, and data domains. Operationalize policy enforcement through automated controls More ❯

Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security More ❯

Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security More ❯

Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security More ❯

Profile: Proven senior leadership experience in information, cyber, or data security. CISSP, CISM, or CISA certified (or equivalent). Track record of delivering security programs aligned to ISO 27001, NIST, PCI DSS, and Cyber Essentials Plus. Hands-on experience with cloud platforms (Azure, AWS), on-premise networks, and hybrid architectures. Strong experience in Zero Trust security models. Experienced in security More ❯

perspective. Policy, Procedure, and Guidance Oversight Review, update, and enforce security policies, standards, and guidance (e.g. Acceptable Use, Incident Response, Remote Access). Ensure compliance with NCSC, ISO 27001, NIST, Cyber Essentials, and GDPR frameworks. Clarify security roles and responsibilities across departments. Support Information Governance and Data Protection teams on policy alignment and compliance. Technical Review and Oversight Lead or More ❯

technical solution design, e.g. Zero Trust, least privilege RBAC, Security by Design, PAM, Segregation of Duties Data Protection and DLP Experience Experience with the following would also be beneficial: NIST, SOC2 and additional compliance and regulatory frameworks Project Management and technical delivery Experience of, or a keen interest in, the business of sport Benefits We offer a benefits package to More ❯

load balancing, firewalls, proxies (F5, Palo Alto, Forcepoint, Cisco ASA). Strong knowledge of wireless networking design and optimisation. Security integration: Zero Trust, segmentation, NAC; familiarity with ISO 27001, NIST, PCI-DSS, GDPR. Cloud & Virtualisation: AWS, Azure, or GCP networking services; understanding of hybrid/multi-cloud; automation tools (Terraform, Ansible, Python). Monitoring & Management: Network management systems (SolarWinds, Cisco More ❯

MOD/GDS Secure by Design Principles Supplier Chain Assurance and Risks. Security related legislation (e.g. GDPR, PCI DSS, ICO requirements). Security Control Frameworks such as ISO 27001, NIST CSF and CIS Controls v8. HMG, NPSA and NCSC security policies, standards and guidance. Have experience building and implementing secure by design principals within the software development lifecycle (SDLC). More ❯

compliance standards. Technical Knowledge & Experience Proven experience delivering IT or cyber security projects or capability enhancements in complex environments. Strong understanding of cyber security principles, controls, and frameworks (e.g. NIST, ISO 27001, CIS). Experience working with DevOps tools and practices (e.g. JIRA, Confluence, Azure DevOps). Familiarity with enterprise security domains such as identity management, cloud security, network defence More ❯

compliance standards. Technical Knowledge & Experience Proven experience delivering IT or cyber security projects or capability enhancements in complex environments. Strong understanding of cyber security principles, controls, and frameworks (e.g. NIST, ISO 27001, CIS). Experience working with DevOps tools and practices (e.g. JIRA, Confluence, Azure DevOps). Familiarity with enterprise security domains such as identity management, cloud security, network defence More ❯

Security+, CEH, CySA+, or Cloud Security Engineer. Extensive experience in cybersecurity, especially incident response and technical operations. Strong understanding of AWS and Azure cloud platforms. Familiarity with frameworks like NIST, ISO, COBIT, and OWASP. Proven success in leading and delivering security projects. Experience with PowerShell and automation. Consulting experience across IT and digital teams. Flexibility for occasional travel and out More ❯